Skip to main content
Code42 Support

Use RADIUS and LDAP together

Available in:

  • CrashPlan PRO
    • Standard
    • Premium
    • Enterprise
Applies to:

Overview

This tutorial explains how to configure your Code42 environment to support the use of RADIUS and LDAP together. Under this configuration, RADIUS is used for authentication, while LDAP handles other aspects of user management, such as user deactivation, role assignment, and organization assignment.

Considerations

Users in your Code42 environment must have matching RADIUS and LDAP usernames.

Testing RADIUS and LDAP
As a best practice, we recommend configuring RADIUS and LDAP in a test organization first to verify the configuration works as expected. Then, implement the settings for existing organizations or within your system-wide organization settings as described below.

Before you begin

Step 1: Configure organizations to use RADIUS and LDAP

Enable RADIUS and LDAP by modifying a specific organization or by modifying the system-wide organization settings.

Option A: Enable RADIUS and LDAP for a specific organization

  1. Sign in to the administration console on your authority server.
  2. Navigate to Organizations, then select the organization.
  3. From the Action menu, select Edit.
  4. Click Security.
    Enabling RADIUS and LDAP for an organization
  5. If necessary, deselect Inherit security settings from parent.
  6. Configure RADIUS as the authentication method:
    1. From Select an authentication method, choose RADIUS.
      The configured RADIUS servers appear.
    2. Select the RADIUS server that you want to offer for the organization.
  7. Configure LDAP as the directory service:
    1. From Select a directory service, select LDAP.
      The configured LDAP servers appear.
    2. Select an LDAP server.
  8. Click Save.

Option B: Enable RADIUS and LDAP for all organizations

Modify the system-wide organization settings to enable RADIUS and LDAP for all organizations.

Disabled inheritance
If you disable inheritance for an organization, that organization is not affected by changes to its parent organization.
  1. Sign in to the administration console on your authority server.
  2. Navigate to Settings > Organization.
  3. Click Security.
  4. Configure RADIUS as the authentication method:
    1. From Select an authentication method, choose RADIUS.
      The configured RADIUS servers appear.
    2. Select the RADIUS server that you want to offer for the organization.
  5. Configure LDAP as the directory service:
    1. From Select a directory service, select LDAP.
      The configured LDAP servers appear.
    2. Select an LDAP server.
  6. Click Save.

Step 2: Add new users that sign in with RADIUS and LDAP

To allow new users to create their own accounts when they first sign in to a Code42 app, deploy a customized Code42 app that is configured to defer user passwords. Alternatively, you can use the administration console to create user accounts.

Option A: Deploy the Code42 app

Distribute the Code42 app installer to new users.

  • New users can register accounts in your Code42 environment by signing in with RADIUS credentials.
  • New users begin backing up the default file selection immediately without authenticating if all of the following conditions are met:
    • The organization is configured to auto-start backups.
    • The Code42 app is modified to contain the correct organization registration key.
    • The Code42 app is modified to defer the user's password.
      Users are not able to sign in to the Code42 app or restore unless they have a valid RADIUS account.

Option B: Add users in the Administration console

Use the administration console to add users to an organization that uses RADIUS.

  • Verify that the users in the organization exist in the RADIUS and LDAP servers used by the organization.
  • Make sure that the Code42 environment usernames match the RADIUS and LDAP usernames.
  • Was this article helpful?