
RSA SecurID Software Token 4.1 Administrator’s Guide
2: Installing the Application 17
If your users log on to the VPN client before logging on to Windows (referred to as
“prelogon” or “start before logon”) or you run your VPN client as a service, you
cannot use the default per-user database. You must instead configure your installation
to create a single database that contains all of the tokens stored on the hard drive.
This is required for the following reasons:
• When a user logs on to the VPN client before logging on to Windows, the user
context is not known (the user cannot be identified), because the user has not yet
logged on to Windows. Therefore, the SecurID desktop application cannot locate
the user’s token.
• When a VPN client is running as a service, a specific user cannot be identified and
that user’s token cannot be located because the VPN client is running as System
instead of as a user.
Important: Due to the user context issues, the RSA SecurID Software Token for
Windows supports prelogon VPN authentication and running the VPN client as a
service for only one user who has been issued only one software token. However, the
application supports a single user with multiple tokens if the VPN client application
provides the option of selecting a token from a list.
To create a single database, you must install the desktop application from the msiexec
command line, using the SETSINGLEDATABASE property. This property creates a
single database in the All Users directory. When the user starts prelogon to the VPN
client, for example, the VPN client retrieves a token from All Users.
If necessary, you can create the single database in a location other than the default
location. For more information, see “Command Line Properties” on page 23.
Important: Use the SETSINGLEDATABASE property only on single-user machines.
Do not use this property if multiple users share a computer, because doing so gives all
users access to all tokens stored in the single database.
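A pre-installation check for this restriction, as an added example that is not part of the RSA guide. It approximates "single-user machine" by counting non-system local user profiles, which is an assumption: accounts that have never logged on have no profile yet. The function names are hypothetical.

```powershell
# Added example: gate a SETSINGLEDATABASE deployment on the machine being single-user.
# Assumption: one non-system profile on disk means one user of this computer.

function Get-InteractiveProfile {
    # Win32_UserProfile.Special is $true for system and service profiles
    # (SYSTEM, LocalService, NetworkService); those are excluded here.
    Get-CimInstance -ClassName Win32_UserProfile |
        Where-Object { -not $_.Special } |
        ForEach-Object {
            $sid = $_.SID
            try {
                $name = ([System.Security.Principal.SecurityIdentifier]$sid).Translate(
                    [System.Security.Principal.NTAccount]).Value
            } catch {
                $name = '<unresolved>'   # deleted or unreachable domain account
            }
            [pscustomobject]@{
                Account  = $name
                SID      = $sid
                Path     = $_.LocalPath
                LastUsed = $_.LastUseTime
            }
        }
}

function Test-SingleDatabaseSafe {
    param([object[]]$Profiles = @(Get-InteractiveProfile))
    # A shared token database is acceptable only when at most one
    # user account has a profile on this machine.
    return ($Profiles.Count -le 1)
}

$profiles = @(Get-InteractiveProfile)
if (Test-SingleDatabaseSafe -Profiles $profiles) {
    Write-Output "OK: $($profiles.Count) user profile(s); a single database is appropriate."
} else {
    Write-Warning "Shared machine: $($profiles.Count) user profiles found. Do not install with SETSINGLEDATABASE."
    $profiles | Sort-Object LastUsed -Descending |
        Format-Table Account, Path, LastUsed -AutoSize
    exit 1   # non-zero exit lets the deployment tool skip the install step
}
```

Run it from the deployment script before the msiexec step and review any `<unresolved>` entries by hand, since stale profiles of removed accounts also count toward the total.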
The following table lists the VPN clients that have been qualified with RSA SecurID
Software Token for Windows and identifies the scenarios that require installing a
single token database or installing either a per-user database or a single database.
| VPN Client | Prelogon | VPN Client Running as a Service | VPN Client Used After Windows Logon (not running as a service) | Comments |
|---|---|---|---|---|
| Check Point | Single database | Single database | Single database | |
| Cisco | Single database | Single database | Either per-user or single database | VpnMode policy must be set. See “Customization Policies” on page 15. |
| Juniper Odyssey | Single database | Single database | Single database | |
Juniper Odyssey Single database Single database Single database