XYGATE User Authentication Reference Manual

XYPRO Technology Corporation 89 Proprietary and Confidential

Chapter 13. Configuring the

RSA SecurID Interface

XYGATEUA interfaces to RSA SecurID

to enable secure authentication for logging on

to TACL on the HP NonStop server. This chapter describes the steps required to

configure the RSA SecurID interface.

XUA may be configured to require both the PASSCODE and the NonStop password or

just the PASSCODE.

XUA can be configured to force the RSA SecurID authentication on all the userids on

the system or to limit the requirement to groups of users.

As of version 1.40, XUA provides a mechanism to map NonStop userids and aliases to

the users in the RSA database. Refer to Chapter 15, “Mapping NonStop IDs to

Alternative Authentication Databases” starting on page 129 for more information and

examples of ID mapping.

13.1 Configuration Steps

To configure the RSA SecurID interface, there are six basic steps:

1. Prepare the NonStop system for authentication via RSA SecurID (section 13.3).

2. Review the considerations for RSA configuration (section 13.4).

3. Prepare the RSA Authentication Manager for communication with the NonStop

server (section 13.5).

4. Run the XUA_RSA_INSTALL host macro to prepare XUA for communication with

the RSA Authentication Manager (section 13.6).

5. Edit the UAACL file to implement the RSA authentication and mapping

(section 13.8).

6. Test the XUA interface to the RSA Authentication Manager and user name

mapping (section 13.9).