The Computer Logon Modern Authentication requires a custom configuration file in order to function correctly for the users. You must customise the configuration file with your own data.
Open the config.json in a text editor, such as Notepad
The Deepnet Computer Logon Modern Authentication supports both Azure AD (Entra ID) joined PCs and On-Prem AD joined PCs. The block "Azure AD" includes MFA server settings for Azure AD, and the block "OnPremAD" includes MFA server settings for On-Prem AD. For Entra ID (Azure AD) joined PCs, you need to change "YOUR-CLIENT-ID" and "YOUR-TENANT-ID" in the "AzureAD" data block.
We assume that for Entra ID joined PCs, you will use Microsoft MFA to authenticate users when the PC is connected to the internet.
If the Entra ID application you set up for Computer Logon MA supports a single tenant only, i.e
you must configure the following settings
- MFA server settings
...
- in the "AzureAD"
...
However, if the application you set up for Computer Logon with MFA supports multitenant, i.e.
Then, in the "AzureAD" block, replace "YOUR-TENANT-ID" in the configuration file with the word "common"
Next, replace "YOUR-CLIENT-ID" with the "Application (client) ID" of the application that you have set up for Computer Logon.
Below is an example:
Add Domain & NetBios Names
Next, you need to add the list of NetBIOS names and domain DNS names used in your organisation. The Computer Logon solution utilizes NetBIOS names and domain DNS names to differentiate between personal and business accounts.
If you only need to implement Computer Logon MFA for Azure AD, then you do not need to add NetBIOS names.
- data block
- domain_dns_name_list
...