How To Enable self service user management for Cloud RADIUS with Entra ID in EZRADIUS

Prerequisites

  1. Registering the application in your tenant
  2. Creating Cloud Radius Instance
  3. Being a Subscription Owner or Network Administrator

How to Enable Self Service User Management in EZRADIUS

While we recommend using EAP-TLS for your RADIUS users, we understand that some devices might not support this protocol and you might have to fall back to passwords. If possible, we recommend using EAP-TTLs which can use your user passwords from Entra ID. However, if your networking gear (such as Meraki VPN) require other authentication methods such as PEAP-MSCHAPv2 or PAP, then you must use RADIUS local users, in this page we will guide you on how to setup self service user management for your users, allowing your users to manage their own passwords without help from your IT desk.

How to Enable Entra ID Self Service User Management in EZRADIUS

  1. Go to your EZRADIUS portal.
  2. Click on Settings. EZRADIUS Settings
  3. scroll down to the “Local User Settings” section.
  4. Click on the “Allow Self-Service User Management” checkbox. EZRADIUS Enable Self Service User Management
  5. By default the users will be able to create a user that will match their Entra ID User Principal Name (UPN) or Alias (the part before the @ symbol in their email address). You can select which of the two you want to use in the “Default User Name” dropdown. If you want your users to be able to create a user with a different username, you can select “Allow Custom Usernames” checkbox and they will be able to enter a custom username.
  6. Next, you must select your password policy.
    • Minimum Password Length - The minimum length of the password.
    • Require Uppercase - If the password must contain at least one uppercase letter.
    • Require Lowercase - If the password must contain at least one lowercase letter.
    • Require Number - If the password must contain at least one number.
    • Require Special Character - If the password must contain at least one special character.
    • Password Validity Period - The number of days before the password expires (leave as 0 if you do not want passwords to expire). EZRADIUS Cloud RADIUS User Password Policy for PEAP-MSCHAPv2 PAP or EAP-TTLS
  7. Scroll to the Top and Click on “Save Changes” on the top right.

How To Delete a User in Cloud RADIUS with Entra ID in EZRADIUS

Users will automatically be disabled if their Entra ID account is disabled, however, if you want to delete a user, you can go to user management as an administrator, find the user and delete it.