Specifications
Chapter 8 Authentication Services
validation results are then relayed to the user. The DTX 5000-CTL Management Appliance also supports new PIN
operations, next tokencode operations, RSA Authentication Manager Replica functionality and name locking. The DTX
5000-CTL Management Appliance is the agent type Net OS Agent.
For complete information about what is needed on the RSA server, see the RSA Secured Partner Solutions Directory on
the RSA web site (rsasecurity.com).
To add an RSA SecurID external authentication service:
1. On the RSA server that will be used as an external authentication service, add the DTX Control server as an RSA
Agent Host.
2. From the DTX Control Explorer, click the Users tab.
3. Click Authentication Services in the top navigation bar. The User Authentication Services window will open.
4. Click Add. The Add Authentication Service Wizard will appear.
5. The Provide Authentication Service Name and Type window will open.
a. In the Name field, type a 1-64 character name for the RSA authentication service.
b. Select RSA SecurID from the Type menu.
c. Click Next.
6. The Specify RSA SecurID Connection Settings window will open. Type the 1-512 character path to the sdconf.rec
file, or browse to the file location. (This file is created by the RSA Authentication Manager, but is located on the DTX
Control client machine.) Then, click Next.
The sdconf.rec file will be uploaded from the DTX Control client to the server. This file will be used as the initial
RSA configuration file for all DTX Control servers.
If some DTX Control servers require a different configuration, a different sdconf.rec file must be configured.
Additionally, some installations may require an advanced option file (sdopts.rec) for load balancing. You may
specify these files using the procedure to change settings for the RSA SecurID external authentication service.
7. The Establish Connection with Authentication Service window will open briefly. If the external authentication service
is added successfully, the Completed Successful window will open.
Click Finish. The User Authentication Services window will open with the new service listed.
After the service is added, one or more RSA user accounts must be added to the DTX Control software.
NOTE: The node secret file for the server will not be created until the first RSA user logs into the DTX Control software.
To change settings for the RSA SecurID external authentication service:
1. Click the Users tab.
2. Click Authentication Services in the top navigation bar. The User Authentication Services window will open.
3. Click on the name of the SecurID service.
4. Click Connection in the side navigation bar. The Authentication Service Connection Settings window will open.
5. To change the name of the service:
a. Type a 1-64 character name in the Service Name field.
b. Click Save.
c. If that is the only change you are entering, click Close. Otherwise, continue with the next steps.
6. To clear the RSA SecurID node secret for one or more DTX Control servers:
724-746-5500 | blackbox.com Page 72