Como configuro o LastPass Universal Proxy 4. x com o server.properties arquivo de configuração sem usar a ferramenta CLI no Windows?
Antes de começar: Verifique
Como configuro o LastPass Universal Proxy v4.x ? para obter informações sobre como baixar e instalar o LastPass Universal Proxy.
Sobre esta tarefa:
Observação: este recurso requer LastPass Business + complemento Advanced MFA. Como faço um upgrade em minha conta do LastPass Business com um complemento?
Importante: Para usar o LastPass Universal Proxy 4. x, um Active Directory Connector devem ser instalados e um Active Directory deve estar presente.
Observação:
Dica:
Observação: este recurso requer LastPass Business + complemento Advanced MFA. Como faço um upgrade em minha conta do LastPass Business com um complemento?
Importante: Para usar o LastPass Universal Proxy 4. x, um Active Directory Connector devem ser instalados e um Active Directory deve estar presente.
Observação: Recomendamos usar o Ferramenta CLI ao configurar o Universal Proxy pela primeira vez, pois ele gera uma versão inicial do server.properties arquivo. Humanos conseguem ler este arquivo. Portanto, para mais configurações, você pode editar o arquivo de configuração server.properties com um de seus editores de texto.
Além disso, caso tenha cometido um erro ao editar o arquivo de configuração, você sempre pode criar um novo com a ferramenta CLI.
Dica:
- Para verificar o conteúdo atual do arquivo server.properties sem os dados confidenciais, abra o PowerShell e execute o seguinte comando:
uproxy -showConfig - Para abrir o arquivo server.properties no editor de texto padrão, abra o PowerShell e execute o seguinte comando:
uproxy -editConfig
Para mais informações sobre as configurações de configuração, consulte o artigo Como configuro o LastPass Universal Proxy 4. x usando a interface de linha de comando (CLI) no Windows?.
- Salve o arquivo server.properties.
O arquivo server-template.properties em C:\Program Files\LastPass\Universal Proxy\conf contém todos os atributos possíveis e suas descrições.
### ### This configuration file contains the settings for the Universal Proxy. ### It has four sections ### * Server settings ### * LastPass API settings ### * LDAP settings ### * RADIUS settings ### Fill Server settings and LastPass API settings first. Then fill LDAP settings if you plan to use ### Universal Proxy using LDAP or LDAPS or fill RADIUS settings if you are going to use RADIUS. ### If a value is not applicable for your case leave it as it is. ### For further information see the online documentation: ### https://support.lastpass.com/help/what-is-lastpass-universal-proxy ### ### Note, that it is also possible to configure Universal Proxy using the command line tool. ### Issue the following command in PowerShell to start the command line configuration tool: ### uproxy -configurationTool ### Online documentation for the configuration tool: ### https://support.lastpass.com/help/how-do-i-configure-the-lastpass-universal-proxy-via-command-line ### ####################################### ####################################### ### ### ### Universal Proxy Server settings ### ### ### ####################################### ####################################### ## ## Server settings: set these values to configure how the Universal Proxy handles incoming authentication ## requests. Choose the authentication protocol (LDAP, LDAPS or RADIUS), specify the ports and domains and ## set the server mode (LP, PLP, SFA). ## For an explanation about server modes see the documentation: ## https://support.lastpass.com/help/what-is-lastpass-universal-proxy#server_modes ## # The protocol to authenticate users. [LDAP | LDAPS | RADIUS] server.protocol= # The mode in which Universal Proxy should run [LP | PLP | SFA]. server.mode= # The port on which Universal Proxy listens on. server.port= #Accounting port is used if Radius protocol is selected. #The accounting port Universal Proxy listens on. server.accounting.port= # The name of your company. This value appears to end users in the MFA app. company.name= # The name of your company. This value appears to end users in the MFA app. company.name= ################################################################# ################################################################# ### ### ### Authentication server settings: Common Login Service ### ### ### ################################################################# ################################################################# ## ## cli.cls.integration.key= cli.cls.integration.secret= default.cls.auth.method= ################################################### ################################################### ### ### ### Authentication server settings: LDAP server ### ### ### ################################################### ################################################### ## ## LDAP settings: set these values to configure Universal Proxy to be able to communicate with a LDAP server. ## Leave these values blank if you are not planning to use Universal Proxy for LDAP authentication. ## The ldap.admin.password field is applicable only if the server mode is LP. ## The ldap.address, ldap.port and ldap.tls fields can only be used if the server mode is either PLP or SFA. ## For an explanation about server modes see the documentation: ## https://support.lastpass.com/help/what-is-lastpass-universal-proxy#server_modes ## For the current server mode see the value of the server.mode variable in this file. ## Leave any value blank which is not applicable for your current setup. ## # The address of the AD. Applies to server modes: [PLP | SFA] ldap.address= # The port on which the AD expects authentication messages (default: LDAP: 389, LDAPS: 636). Applies to server modes: [PLP | SFA] ldap.port= # The distinguished name of the LDAP admin user. Example: CN=admin,CN=Users,DC=domain,DC=com ldap.admin= # The password of the LDAP admin user. Applies to server modes: [LP] only. ldap.admin.password= # LDAP naming attribute: the name of the LDAP field in which the Windows user logon name is stored. Possible values: [cn | uid | userPrincipalName | sAMAccountName] # ldap.attribute.login=sAMAccountName ldap.attribute.login= # Password of the Keystore and Truststore files containing the SSL certificates. Applies only if you chose LDAPS protocol in Universal Proxy Server settings. keystore.password= ##################################################### ##################################################### ### ### ### Authentication server settings: Radius server ### ### ### ##################################################### ##################################################### ## ## RADIUS settings: set these values to configure Universal Proxy to be able to communicate with a real RADIUS server. ## Leave these values blank if you are not planning to use Universal Proxy for RADIUS authentication. ## Note, that radius.server.address and radius.server.port are values which have to be filled only if the ## server mode is either PLP or SFA. ## For an explanation about server modes see the documentation: ## https://support.lastpass.com/help/what-is-lastpass-universal-proxy#server_modes ## For the current server mode see the value of the server.mode variable in this file. ## Leave any value blank which is not applicable for your current setup. ## # The address of the RADIUS server. Applies to server modes: [PLP | SFA] radius.server.address= # The port on which the RADIUS server expects the authentication messages (1812 by default). Applies to server modes: [PLP | SFA] # radius.server.port=1812 radius.server.port= # The accounting port of the Radius server. # radius.server.accounting.port=1813 radius.server.accounting.port= # The RADIUS secret. radius.secret= #RADIUS Ldap authentication radius.ldap.auth.enabled=
Importante: O tamanho máximo dos sAMAccountName é de 20 caracteres.