Secure Global Desktop 4.31 Administration Guide > Users and authentication > Enabling the SecurID login authority

Enabling the SecurID login authority

To enable SecurID authentication you must:

1. Configure each Secure Global Desktop server in the array as an Agent Host.
2. Enable SecurID authentication in Array Manager.

Configuring a Secure Global Desktop server as an Agent Host

Each Secure Global Desktop server in the array must be able to contact the Authentication Manager (formerly known as RSA ACE/Server) on the network.

The Secure Global Desktop Release Notes has details of the supported versions of the RSA Authentication Manager.

Your RSA Authentication Manager should be up to date with the patches released by RSA.

You must configure each Secure Global Desktop server in the array as an Agent Host. You do this as follows:

1. On the Secure Global Desktop host:
   • Create a file /etc/sdace.txt containing the line:

     VAR_ACE=/opt/ace/data

   • Create a directory /opt/ace/data.
   • Copy the Authentication Manager Configuration File (sdconf.rec) file to the /opt/ace/data directory.
   • Set the file permissions so that Secure Global Desktop can read and write the configuration files.

     chmod 444 /etc/sdace.txt
     chown -R ttasys:ttaserv /opt/ace
     chmod -R 775 /opt/ace

2. In the Authentication Manager Database Administration application (or sdadmin):
   • Add the Secure Global Desktop server as a UNIX Agent Host in the database, using the fully qualified name server.domain.com.
   • Configure Group or User Activation for the Agent Host, or alternatively, set the Open to All Locally Known Users option.

Enabling SecurID authentication in Array Manager

1. In Array Manager, click Secure Global Desktop Login, Properties.
2. Check the SecurID login authority box.

Or type the following from a command line:

tarantella config edit --login-securid 1

Copyright © 1997-2007 Sun Microsystems, Inc. All rights reserved.