
Enabling the SecurID login authority

To enable SecurID authentication and give SecurID users access to a Webtop, you need to:

  1. Configure the Secure Global Desktop server as an RSA ACE/Agent®.
  2. Switch SecurID authentication on in Array Manager.

Note: We also recommend keeping your RSA ACE/Server® up to date with the patches released by RSA.

Configuring the Secure Global Desktop server as an RSA ACE/Agent

The Secure Global Desktop host must be able to contact the RSA SecurID (ACE) server on the network.

Secure Global Desktop works with versions 4 and 5 of the RSA ACE/Server. The references below are to the RSA ACE/Server v 4.1 Administration Manual.

  1. On the Secure Global Desktop server, create a file /etc/sdace.txt containing the line:
    VAR_ACE=/var/ace/data
  2. Create a directory /var/ace/data and copy the RSA ACE server's sdconf.rec file to it. See the "RSA ACE/Agent Software" section of Appendix C for UNIX for details.
  3. Add the Secure Global Desktop server server.domain.com as a client machine (type: UNIX) to the ACE database. See Chapter 4 Clients and Activation on Clients for details.
  4. Give users access to the client, using sdadmin or the GUI. For example, allow user1 to access the resource server.domain.com. Alternatively, set the Open to All Locally Known Users option. See Chapter 4 Clients and Activation on Clients for details.

Note: From version 4.0, the Secure Global Desktop server no longer runs as the UNIX root user. However, the ACE/Server data is usually stored in a directory that is writable only by root. For SecurID authentication to succeed, make the /etc/sdace.txt file and the /var/ace/data directory owned and readable by the group ttaserv.
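
The following check is an added example, not part of the original guide or of Secure Global Desktop. It verifies the agent-side files from steps 1 and 2 and the group ownership described in the note above. The ROOT prefix argument and the --live switch are assumptions of this script, and the world-writable test is an extra check that the guide does not require.

```shell
#!/bin/sh
# Added example: verify /etc/sdace.txt, the VAR_ACE directory and sdconf.rec.
# check_securid_agent [ROOT] [GROUP]
#   ROOT  - assumed prefix for checking a staged copy (empty = the live system)
#   GROUP - group that must own the files (the guide names ttaserv)
check_securid_agent() {
    root=${1:-}; group=${2:-ttaserv}; rc=0
    cfg="$root/etc/sdace.txt"
    [ -f "$cfg" ] || { echo "FAIL: $cfg is missing"; return 1; }

    # The file must contain a VAR_ACE=<directory> line; read the directory from it.
    var_ace=$(sed -n 's/^VAR_ACE=//p' "$cfg" | head -n 1)
    [ -n "$var_ace" ] || { echo "FAIL: no VAR_ACE= line in $cfg"; return 1; }
    data="$root$var_ace"
    [ -d "$data" ] || { echo "FAIL: $data is not a directory"; return 1; }
    [ -f "$data/sdconf.rec" ] || { echo "FAIL: $data/sdconf.rec is missing"; rc=1; }

    for p in "$cfg" "$data"; do
        # ls -ld fields: 1 = mode string, 4 = owning group
        mode=$(ls -ld "$p" | awk '{print $1}')
        grp=$(ls -ld "$p" | awk '{print $4}')
        [ "$grp" = "$group" ] || { echo "FAIL: $p group is $grp, not $group"; rc=1; }
        case $mode in
            ????r*) ;;    # group read bit is set
            *) echo "FAIL: $p is not group-readable ($mode)"; rc=1 ;;
        esac
        case $mode in     # extra check, not from the guide
            ????????w*) echo "FAIL: $p is world-writable ($mode)"; rc=1 ;;
        esac
    done
    [ "$rc" -eq 0 ] && echo "OK: SecurID agent files look correct"
    return "$rc"
}

# Check the live system only when asked to (--live is this script's own switch).
if [ "${1:-}" = "--live" ]; then
    check_securid_agent "" ttaserv
fi
```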

Switching SecurID authentication on in Array Manager

  1. In Array Manager, click Secure Global Desktop Login, Properties.
  2. Check the SecurID login authority box.

Or type the following from a command line:

tarantella config edit --login-securid 1

Note: If you use SecurID to authenticate users on application servers, you must disable the Save Secure Global Desktop login details in cache attribute on the Application Launch Properties panel of Array Manager. This is because SecurID passcodes cannot be reused.
