DirectoryService / Client / enable_radius



Enables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector or Microsoft AD directory.

See also: AWS API Documentation

Request Syntax

response = client.enable_radius(
        'RadiusServers': [
        'RadiusPort': 123,
        'RadiusTimeout': 123,
        'RadiusRetries': 123,
        'SharedSecret': 'string',
        'AuthenticationProtocol': 'PAP'|'CHAP'|'MS-CHAPv1'|'MS-CHAPv2',
        'DisplayLabel': 'string',
        'UseSameUsername': True|False
  • DirectoryId (string) –


    The identifier of the directory for which to enable MFA.

  • RadiusSettings (dict) –


    A RadiusSettings object that contains information about the RADIUS server.

    • RadiusServers (list) –

      An array of strings that contains the fully qualified domain name (FQDN) or IP addresses of the RADIUS server endpoints, or the FQDN or IP addresses of your RADIUS server load balancer.

      • (string) –

    • RadiusPort (integer) –

      The port that your RADIUS server is using for communications. Your self-managed network must allow inbound traffic over this port from the Directory Service servers.

    • RadiusTimeout (integer) –

      The amount of time, in seconds, to wait for the RADIUS server to respond.

    • RadiusRetries (integer) –

      The maximum number of times that communication with the RADIUS server is attempted.

    • SharedSecret (string) –

      Required for enabling RADIUS on the directory.

    • AuthenticationProtocol (string) –

      The protocol specified for your RADIUS endpoints.

    • DisplayLabel (string) –

      Not currently used.

    • UseSameUsername (boolean) –

      Not currently used.

Return type:



Response Syntax


Response Structure

  • (dict) –

    Contains the results of the EnableRadius operation.


  • DirectoryService.Client.exceptions.InvalidParameterException

  • DirectoryService.Client.exceptions.EntityAlreadyExistsException

  • DirectoryService.Client.exceptions.EntityDoesNotExistException

  • DirectoryService.Client.exceptions.ClientException

  • DirectoryService.Client.exceptions.ServiceException