A two factor authentication requires a domain username and then followed by a password, and afterwards a Certificate PIN or RSA PIN or similar or identical featured access types. Now in Windows Servers, implementing a Smart Card feature or a Virtual Smart Card feature enables improved security with certificates, which in turn can be validated against user accounts. The server then validates the credential passed to it and matches/compares the accounts statistics and then provides access to the user. Now we have covered the basic for Windows authentication, since we are talking about Lync Server 2013 Authentication factors; here is how:
Planning for the Two-Factor Authentication
Configuring Two-Factor Authentication
- Configuring Enterprise CA for smart card authentication in Lync Server 2013
- Configuring Windows 8 for using Virtual Smart Cards with Lync Server 2013
- Enrolling users for smart card authentication in Lync Server 2013
- Configuring Active Directory Federation Services (AD FS 2.0) for Lync Server 2013
- Configuring AD FS 2.0 to support client authentication in Lync Server 2013
- Configuring Lync Server 2013 passive authentication