Enabling the SecurID login authority

To enable SecurID authentication and give SecurID users access to a Webtop, you need to:

Your RSA ACE/Server^® should be up to date with the patches released by RSA.

Note SecurID authentication is not supported on the Solaris Operating System on x86 platforms.

Configuring the Secure Global Desktop server as an RSA ACE/Agent

The Secure Global Desktop host must be able to contact the RSA SecurID (ACE) server on the network.

Secure Global Desktop works with versions 4 and 5 of the RSA ACE/Server. The references below are to the RSA ACE/Server v 4.1 Administration Manual.

On the Secure Global Desktop server, create a file /etc/sdace.txt containing the line:
```
VAR_ACE=/opt/ace/data
```
Create a directory /opt/ace/data and copy the RSA ACE server's sdconf.rec file to it. See the "RSA ACE/Agent Software" section of Appendix C for UNIX for details.
Set the file permissions so that Secure Global Desktop can read and write the configuration files.
```
chmod 444 /etc/sdace.txt
chown -R ttasys:ttaserv /opt/ace
chmod -R 775 /opt/ace
```
Add the Secure Global Desktop server server.domain.com as a client machine (type: UNIX) to the ACE database. See Chapter 4 Clients and Activation on Clients for details.
Add user access to client (sdadmin or GUI) e.g. user1 can access resource server.domain.com. Alternatively, set the Open to All Locally Known Users option. See Chapter 4 Clients and Activation on Clients for details.

Or type the following from a command line:

tarantella config edit --login-securid 1

Related topics
The SecurID login authority Using SecurID for application server authentication Login authorities Secure Global Desktop Login properties (array-wide)