Tarantella Administration Guide > Users and authentication > How do I enable SecurID authentication?

How do I enable SecurID authentication?

To enable SecurID authentication and give RSA SecurID^® users access to a Tarantella webtop, you need to:

1. Configure the Tarantella server as an RSA ACE/Agent^®.
2. Switch SecurID authentication on in Array Manager.

Note We also recommend that your RSA ACE/Server^® is up to date with the patches released by RSA.

Configuring the Tarantella server as an RSA ACE/Agent

The Tarantella server's operating system must be configured so that Tarantella can talk to the RSA SecurID (ACE) server on the network.

Tarantella works with versions 4 and 5 of the RSA ACE/Server. The references below are to the RSA ACE/Server v 4.1 Administration Manual.

1. On the Tarantella server, create a file /etc/sdace.txt containing the line:

   VAR_ACE=/var/ace/data

2. Create a directory /var/ace/data and copy the RSA ACE server's sdconf.rec file to it. See the "RSA ACE/Agent Software" section of Appendix C for UNIX for details.
3. Add the Tarantella server server.domain.com as a client machine (type: UNIX) to the ACE database. See Chapter 4 Clients and Activation on Clients for details.
4. Add user access to client (sdadmin or GUI) e.g. user1 can access resource server.domain.com. Alternatively, set the Open to All Locally Known Users option. See Chapter 4 Clients and Activation on Clients for details.

Switching SecurID authentication on in Array Manager

1. On your webtop, click Array Manager.
2. Select Tarantella Login and click the Properties button.
3. Check the SecurID login authority box.

Or type the following from a command line:

tarantella config edit --login-securid 1

Note You should also check the Application Launch Properties panel of Array Manager. The Save Tarantella login details in cache setting must be disabled. This is because RSA SecurID passwords cannot be re-used.