Home > User Interface > Configuration > Policy Configuration > Authentication Sources > External > Email
|
Menu path: Configuration > Policies and Access Control > Authentication Sources > External > Email.
In email authentication, a user receives an email from A3 with a validation link to click on to complete registration. An email authentication source is predefined in the external authentication sources list.
Note
The use of email authentication requires that SMTP servers and other parameters be configured. This can be accomplished through the use of the Alerting page.The fields in the form are:
| Field Name | Usage | Example |
|---|---|---|
| Name | The name of the authentication source. | email-auth |
| Description | A description of the purpose of the authentication source. | Email-based identification in web portal |
| Banned Domains | A comma-separated list of domains that are banned for email registration. Wild cards are allowed. Banned domains are checked before allowed domains. | *gmail.com |
| Allowed Domains | A comma-separated list of domains that are allowed for email registration. Wild cards are allowed. Banned domains are checked before allowed domains. | extremenetworks.com |
| Email Activation Timeout | Since the user must view an email to activate the validation link, a temporary VLAN or other network configuration is automatically instantiated that allows internet access for a period of time. The length of that time is specified here. | 10 minutes |
| Allow Local Domain | If enabled, all email addresses with any domain are allowed to perform email authentication. If not enabled, email addresses with a domain name that matches the domain associated with A3 will NOT be allowed. |
|
| Host in Activation link |
If used, the host name used in the validation link will be replaced. Note: If this field
is used, then the haproxy
service must be restarted via the Status>Services page.
Further, the hostname used must have a DNS entry in the user
VLAN.
|
|
| Create Local Account | If enabled, when a user completes an email authentication a local A3 account will be created for the user if one does not already exist. |
|
| Password Hashing Method | The algorithm used to hash passwords in the database. Only new or reset passwords are affected. One of Bcrypt, Plaintext, or NTLM. | |
| Password Length | The length of generated passwords. | 8 |
| Number of Logins for the Local Account | If the Create Local Account field is enabled, then this field designates the number of times that the user or the user's devices may login. A value of 0 means an infinite number of times. | 0 |
| Authentication Rules | Indicates the actions to be performed when the authentication is satisfied. Authentication rules are covered in Authentication Rules. |
Note
When advised to restart any A3 service, the administrative interface for each cluster member must be used individually to perform the operation. Perform the operation on each member one at a time, waiting for the service(s) to completely restart.Copyright © 2020 Extreme Networks. All rights reserved. Published December 2020.