ESET Secure Authentication (ESA) adds two-factor authentication (2FA) to VPNs, RADIUS devices, Remote Desktop Protocol and various web applications including Outlook Web Access. 2FA is enforced through one-time passwords (OTPs) that can be delivered via SMS, a mobile application, or hardware tokens (hard tokens).
ESET Secure Authentication (ESA) extends the Active Directory Schema. While some concern has been expressed that extending the Active Directory (AD) Schema can break Active Directory or cause other issues, ESA has been specifically designed to align with Microsoft best practices for extension of the AD Schema. These best practices have been documented in the following Microsoft Developer Network article:
Extending the Active Directory Schema
Microsoft best practices for extension of the AD observed by ESA include:
ESA complies with all of the above Microsoft recommendations.
Microsoft provides a number of additional guidelines for schema extensions that ship with applications (such as ESA). ESA is designed to comply with these suggestions, which include the following:
Considering that ESA follows all the official guidelines published by Microsoft with regards to extending Active Directory Schemas, there is no cause for concern about the safety/stability of such extensions performed by ESA upon installation.