Connect to Groupwise
- Navigate back to the Groupwise Administration portal.
- Go to System } Advanced Authentication
- Click New at the top
- Give the server a name
- Set the hostname to the FQDN of the AAuth server that you used for enrollment
- Ensure “Enable multi-factor authentication” is ticked
Then we need to configure the events for Groupwise using the details we used before.
- Navigate to the Endpoint tab
- Enter the same name you used when you created the generic event in both the Name and Event Name fields.
- Copy the Endpoint ID that you saved earlier into the Endpoint ID field
- Copy the Endpoint Secret that you saved earlier into the Endpoint Secret field
Now, you need to configure the Oauth2 Event
- Navigate to the OAuth2 tab
- Set the name to the name that you called the oauth event in Advanced Authentication
- Copy the Client ID that you saved earlier into the Client ID field
- Copy the Client Secret that you saved earlier into the Client Secret field
- Copy the Redirect URI’s to your clipboard.
- In a seperate tab, navigate back the admin area of the main Advanced authentication portal (https://{YOUR AAUTH SERVERS DOMAIN}/admin)
- Reopen the OAuth Event you created earlier
- Copy the Redirect URI’s into the redirect URI’s field.
- Click Save
- Click Close
Now, you need to enable Advanced Authentication on the post office.
- In the Groupwise Administration Pamel
- Navigate to Post Offices } Your Post Office } Client Options } Security
- set the Advanced Authentication dropdown to Enabled or Required (enable will mfa if enrolled, required will force it and stop anyone who is not enrolled)
- Click OK
Now, It’s testing time!
- Open the Groupwise Desktop app and access the server settings (click cancel instead of entering your password).
- Change the username to your enrolled user
- Change the host to your Groupwise server
- Cick Sign in
- It should bring up a prompt for your MFA code after password authentication, Enter it and it should let you in.