Skip to main content
Skip table of contents

Authentication Servers Settings

In SettingsAuthentication Servers you can configure the following:

  • Synchronize users from and/or have them authenticate towards an LDAP server, such as a local Active Directory domain.

  • Synchronize users from your Microsoft Entra ID, and use Sign in with Microsoft for the MyQ Web Interface, Mobile, and Desktop Clients.

  • Authenticate users against a Radius server.

You can later assign the authentication server created here to be used by all synchronized users automatically when you are creating the user synchronization source.

You also can control these settings for each user individually in their profile on the Users page.

If you only authenticate users against MyQ (ID cards, PINs, and passwords), and thus do not use any remote authentication servers, or need to integrate with another external authentication provider, see User Authentication for details.

Limitations

Users using an LDAP, Microsoft Entra ID, or Radius authentication server cannot sign in on the MyQ Web User Interface with a PIN. However, they can use their PIN on the MyQ Embedded terminals and MyQ Desktop Client up to version 10.0.

Adding a new LDAP server:

  1. Click +Add and select LDAP Server. The new LDAP server properties panel opens on the right side of the screen.

    Adding a new LDAP server
  2. Enter the LDAP Domain.

  3. Select the LDAP Type as Active Directory or, if required, one of the other LDAP options such as Novell, OpenLDAP, or Lotus Domino.

  4. You should allow the LDAP connection to be secured by selecting the Security protocol you want to use.

    1. For Active Directory, you must select TLS in the Security field.

  5. Enter the Server hostname and the communication port.

    1. For Active Directory, use the Server port 636 for secure communication with TLS. You can also leave the IP address or hostname empty if you do not know them. The server will then be automatically discovered.

  6. If you have more addresses related to one LDAP server, you can add them by clicking Add.

  7. Click Save. The LDAP server now appears on the list of servers.

image-20240402-075821.png

Adding a new Microsoft Entra ID Server:

  1. Click +Add and select Microsoft Entra ID Server. The new Microsoft Entra ID server properties panel opens on the right side of the screen.

  2. If you have already added Microsoft Entra ID in the Connections settings, the server appears on the list. If not, click Add new, add the Microsoft Entra ID connection first (follow the guide for creating a new Entra ID connector).

    MS Entra Server settings
    MS Entra ID server settings
  3. Check the Enable Sign in with Microsoft checkbox if you want to allow users the login method Sign in with Microsoft.

  4. Click Save. The Microsoft Entra ID Server now appears on the list of servers.

    MyQ login screen with the Sign in with Microsoft option visible

Adding a new Radius server:

  1. Click +Add and select Radius server. The new Radius server properties panel opens on the right side of the screen.

  2. Enter the Radius server Name.

  3. Enter the Server IP address or hostname, the communication port and the Shared secret.

  4. If you have more addresses related to one Radius server, you can add them by clicking Add.

  5. Click Save. The Radius server now appears on the list of servers.

Radius server properties example

When an authentication server is renamed, a server with the old name will still appear in the Authentication server settings of a user profile, alongside the server with the new name. The old server is removed after the following user synchronization propagates changes.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.