SecurID Client Setup on a Routing-Mode Screen
To learn about the Screen as a client, see sdconf.rec from the server after it has been configured.
Two possible client mechanisms:
-
Install ACE/Agent 3.3 on Solaris 2.6 SPARC.
This software is on the CD with the server. Install it per the documented instructions.
-
Install ACE/Client stub.
The stub files are installed by the SUNWicgSS package:
/opt/SUNWicg/SunScreen/etc/securid_stubclient_setup /opt/SUNWicg/SunScreen/etc/securid_stubclient.tar
Note -
The first file is a script that uses the second file.
Become root in the directory where sdconf.rec resides, execute:
# /opt/SUNWicg/SunScreen/etc/securid_stubclient_setup sdconf.rec |
Once the client is installed, be sure to test it.
The first time a new client contacts the ACE/Server, it receives the node secret to allow this first-time exchange.
Note -
The first authentication request must be performed as root.
You also need a SecurID token that is configured for a user and for which user is activated on the routing-mode client. A simple means to test it out is to use the SecurID PIN Server:
# telnet localhost 3855SunScreen Vx.0 SecurID PIN and Re-Keying Server |
Type the SecurID login: user Type PASSCODE: passcode
Whether the passcode is accepted or access is denied, the client and server have exchanged the node secret.
Note -
If the above interaction receives an error about not being able to establish server communications, ensure that you used the correct login and so forth.
- © 2010, Oracle Corporation and/or its affiliates