Security Notes
This section provides information about supported connections and privilege requirements.
Supported Connections
Waveset can use the following to communicate with the SecurID ACE/Server adapter:
-
Waveset Gateway (Windows only)
-
Telnet (UNIX only)
-
SSH (UNIX only)
-
SSHPubKey (UNIX only)
For SSHPubKey connections, the private key must be specified on the Resource Parameters page. The key must include comment lines such as --- BEGIN PRIVATE KEY --- and --- END PRIVATE KEY --. The public key must be placed in the /.ssh/authorized_keys file on the server.
Required Administrative Privileges
The user specified in the Login User resource parameter (on UNIX) or in the Administrator Login resource parameter (on Windows) must be assigned to an administrative role that has the ability to run user- and token-related tasks.
You can use a test connection to test whether
-
These commands exist in the administrator user’s path
-
The administrative user can write to /tmp
-
The administrative user have rights to run certain commands
A test connection can use different command options than a normal provision run.
Note –
The Resource SecurID Administrators report lists all available administrators for the SecurID resource. This report describes the properties of each administrator, including administrator name, Admin level, Admin task list, Admin site, and Admin group. You can download this report in both .csv and .pdf formats.
- © 2010, Oracle Corporation and/or its affiliates