HELP FILE

Hoe configureer ik LastPass Universal Proxy met het configuratiebestand server.properties zonder de CLI-tool?

Nadat u LastPass Universal Proxy voor de eerste keer geïnstalleerd heeft, moet deze geconfigureerd worden voor gebruik. U kunt de LastPass Universal Proxy configureren met behulp van de CLI-tool of door het configuratiebestand voor server.properties te bewerken in een teksteditor Hieronder vindt u stapsgewijze instructies voor de configuratie met het bestand server.properties.

Voordat u begint: Raadpleeg Hoe configureer ik LastPass Universal Proxy? voor informatie over het downloaden en installeren van LastPass Universal Proxy.

Opmerking: Deze functie is beschikbaar met LastPass Business + add-on Advanced MFA. Meer informatie over abonnementen en prijzen.
Opmerking: We adviseren het gebruik van de CLI-tool bij het configureren van Universal Proxy voor de eerste keer, aangezien deze een eerste versie van het bestand server.properties genereert. Dit bestand is leesbaar. Voor meer configuraties kunt u het configuratiebestand server.properties bewerken met uw teksteditor.
Als u een fout heeft gemaakt bij het bewerken van het configuratiebestand, kunt u altijd opnieuw beginnen vanuit de CLI-tool en een nieuw bestand maken.

Tip:
  • Om de huidige inhoud van het bestand server.properties zonder gevoelige gegevens te bekijken, open PowerShell en voer de volgende opdracht uit:
    uproxy -showConfig
  • Om het bestand server.properties te openen in de standaard teksteditor, open PowerShell voer de volgende opdracht uit:
    uproxy -editConfig

Zie voor meer informatie over de configuratie-instellingen Hoe configureer ik LastPass Universal Proxy met behulp van de opdrachtregelinterface (CLI)?

  1. Ga naar de map C:\Program Files\LastPass\Universal Proxy\conf en sla server_template.properties op als server.properties.
  2. Open het bestand server.properties met een teksteditor en bewerk de eigenschappen.
  3. Sla het bestand server.properties op.

    Het bestand server-template.properties in C:\Program Files\LastPass\Universal Proxy\conf bevat alle mogelijke attributen en hun beschrijvingen.

    ###
    ### This configuration file contains the settings for the Universal Proxy.
    ### It has four sections
    ### 	* Server settings
    ### 	* LastPass API settings
    ### 	* LDAP settings
    ### 	* RADIUS settings
    ### Fill Server settings and LastPass API settings first. Then fill LDAP settings if you plan to use
    ### Universal Proxy using LDAP or LDAPS or fill RADIUS settings if you are going to use RADIUS.
    ### If a value is not applicable for your case leave it as it is.
    ### For further information see the online documentation:
    ### 	https://support.logmeininc.com/lastpass/help/what-is-lastpass-universal-proxy
    ###
    ### Note, that it is also possible to configure Universal Proxy using the command line tool.
    ### Issue the following command in PowerShell to start the command line configuration tool:
    ### 	uproxy -configurationTool
    ### Online documentation for the configuration tool:
    ### 	https://support.logmeininc.com/lastpass/help/how-do-i-configure-the-lastpass-universal-proxy-via-command-line
    ###
    
    
    #######################################
    #######################################
    ###                                 ###
    ### Universal Proxy Server settings ###
    ###                                 ###
    #######################################
    #######################################
    ##
    ## Server settings: set these values to configure how the Universal Proxy handles incoming authentication
    ## requests. Choose the authentication protocol (LDAP, LDAPS or RADIUS), specify the ports and domains and
    ## set the server mode (LP, PLP, SFA).
    ## For an explanation about server modes see the documentation:
    ## 	https://support.logmeininc.com/lastpass/help/what-is-lastpass-universal-proxy#server_modes
    ##
    
    # The protocol to authenticate users. [LDAP | LDAPS | RADIUS]
    server.protocol=
    
    # The mode in which Universal Proxy should run [LP | PLP | SFA].
    server.mode=
    
    # The port on which Universal Proxy listens on.
    server.port=
    
    #Accounting port is used if Radius protocol is selected.
    #The accounting port Universal Proxy listens on.
    server.accounting.port=
    
    # The name of your company. This value appears to end users in the MFA app.
    company.name=
    
    ###################################################
    ### Identity user name mapping: common settings ###
    ###################################################
    
    # The domain of your company (i.e.: mycompany.com)
    domain=
    
    #################################################################
    #################################################################
    ###                                                           ###
    ### Authentication server settings: LastPass Identity service ###
    ###                                                           ###
    #################################################################
    #################################################################
    ##
    ## LastPass authentication server settings: set these values to configure how the Universal Proxy can reach the LastPass Identity service.
    ## The documentation describes how to get a LastPass API key:
    ## 	https://support.logmeininc.com/lastpass/help/how-do-i-find-the-api-key
    ##
    
    # The LastPass API key
    api.key=
    
    ###################################################
    ###################################################
    ###                                             ###
    ### Authentication server settings: LDAP server ###
    ###                                             ###
    ###################################################
    ###################################################
    ##
    ## LDAP settings: set these values to configure Universal Proxy to be able to communicate with a LDAP server.
    ## Leave these values blank if you are not planning to use Universal Proxy for LDAP authentication.
    ## The ldap.admin.password field is applicable only if the server mode is LP.
    ## The ldap.address, ldap.port and ldap.tls fields can only be used if the server mode is either PLP or SFA.
    ## For an explanation about server modes see the documentation:
    ## 	https://support.logmeininc.com/lastpass/help/what-is-lastpass-universal-proxy#server_modes
    ## For the current server mode see the value of the server.mode variable in this file.
    ## Leave any value blank which is not applicable for your current setup.
    ##
    
    # The address of the AD. Applies to server modes: [PLP | SFA]
    ldap.address=
    
    # The port on which the AD expects authentication messages (default: LDAP: 389, LDAPS: 636). Applies to server modes: [PLP | SFA]
    ldap.port=
    
    # The distinguished name of the LDAP admin user. Example: CN=admin,CN=Users,DC=domain,DC=com
    ldap.admin=
    
    # The password of the LDAP admin user. Applies to server modes: [LP] only.
    ldap.admin.password=
    
    # LDAP naming attribute: the name of the LDAP field in which the Windows user logon name is stored. Possible values: [cn | uid | userPrincipalName | sAMAccountName]
    # ldap.attribute.login=sAMAccountName
    ldap.attribute.login=
    
    # Password of the Keystore and Truststore files containing the SSL certificates. Applies only if you chose LDAPS protocol in Universal Proxy Server settings.
    keystore.password=
    
    ##################################################
    ### Identity user name mapping for LDAP server ###
    ##################################################
    
    # The name of the LDAP attribute which stores the employees' logon name in LastPass Identity service.
    # ldap.field.name=userPrincipalName
    ldap.field.name=
    
    #####################################################
    #####################################################
    ###                                               ###
    ### Authentication server settings: Radius server ###
    ###                                               ###
    #####################################################
    #####################################################
    ##
    ## RADIUS settings: set these values to configure Universal Proxy to be able to communicate with a real RADIUS server.
    ## Leave these values blank if you are not planning to use Universal Proxy for RADIUS authentication.
    ## Note, that radius.server.address and radius.server.port are values which have to be filled only if the
    ## server mode is either PLP or SFA.
    ## For an explanation about server modes see the documentation:
    ## 	https://support.logmeininc.com/lastpass/help/what-is-lastpass-universal-proxy#server_modes
    ## For the current server mode see the value of the server.mode variable in this file.
    ## Leave any value blank which is not applicable for your current setup.
    ##
    
    # The address of the RADIUS server. Applies to server modes: [PLP | SFA]
    radius.server.address=
    
    # The port on which the RADIUS server expects the authentication messages (1812 by default). Applies to server modes: [PLP | SFA]
    # radius.server.port=1812
    radius.server.port=
    
    # The accounting port of the Radius server.
    # radius.server.accounting.port=1813
    radius.server.accounting.port=
    
    # The RADIUS secret.
    radius.secret=
    
    ####################################################
    ### Identity user name mapping for RADIUS server ###
    ####################################################
    ## LDAP server parameters if LastPass Identity user name lookup is enabled in LDAP Directory.
    ##
    
    # The protocol to talk to LDAP server. Valid values: [LDAP | LDAPS].
    radius.mfa.user.lookup.ldap.protocol=
    
    # The distinguished name of the LDAP admin user. Example: CN=admin,CN=Users,DC=domain,DC=com
    radius.mfa.user.lookup.ldap.admin=
    
    # The password of the LDAP admin user.
    radius.mfa.user.lookup.ldap.admin.password=
    
    # The address of the AD. Applies to server modes:
    radius.mfa.user.lookup.ldap.address=
    
    # The port on which the AD expects authentication messages (default: LDAP: 389, LDAPS: 636).
    radius.mfa.user.lookup.ldap.port=
    
    # The name of the LDAP field in which the user name is stored. Possible values: [cn | uid | userPrincipalName | sAMAccountName]
    radius.mfa.user.lookup.ldap.attribute.login=
    
    # The name of the LDAP field which stores the email address which is the username for LastPass Identity.
    radius.mfa.user.lookup.ldap.field.name=
    
    # If LDAPS is selected for MFA user name lookup. Password of the file containing the AD certificate.
    radius.mfa.user.lookup.keystore.password=