000032586 - How to replace the default prompt strings used in RSA SecurID authentication with customized strings for RSA Authentication Manager 8.1

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support on Apr 12, 2018
Version 5Show Document
  • View in full screen mode

Article Content

Article Number000032586
Applies ToRSA Product Set: SecurID
RSA Product/Service Type:  Authentication Manager
RSA Version/Condition: 8.1 SP 1
IssueThis article explains the steps for replacing the default prompt strings used in RSA SecurID authentication with customized strings.
ResolutionRSA Authentication Manager 8.1 software comes as a virtual appliance that is supported in either a VMware or Microsoft Hyper-V environment, or a hardware appliance with its own SUSE Enterprise Linux operating system.
 
The securid.ini file lets administrators replace the default prompt strings used in RSA SecurID authentication with customized strings. Customized prompt strings are useful in situations where the default prompt strings are too long to display correctly. The install or home directory for RSA Authentication Manager 8.1 is /opt/rsa/am and the securid.ini file for RADIUS resides in the /opt/rsa/am/radius directory. Chapter 3 of the RSA Authentication Manager 8.1 SP1 RADIUS Reference Guide provides detailed information about the securid.ini file.
 

Please ensure you make a copy of the securid.ini file before making any changes, as troubleshooting requires reverting back to the default securid.ini file.



Where there is more than one Authentication Manager instance in the deployment, then the update will be required on all Authentication Manager instances, as the change does not get replicated from one Authentication Manager instance to another.

Modifying the securid.ini file is done with operating system access. To obtain operating system access,
  1. Launch the Operations Console.
  2. Navigate to Administration > Operating System Access.
  3. Select the option to enable SSH to interface eth0.
  4. Click Save.
 

The user account required to access the operating system is rsaadmin and the password for this account was set during the deployment of the Authentication Manager instance by an administrator/operator.



RADIUS .ini files can be modified via the Operations Console.  In the Operations Console,
  1. Select Deployment Configuration > RADIUS Servers. 
  2. You will be prompted to enter superadmin credentials.
  3. Click on the Server Name and select Manager Server Files.
  4. Click on securid.ini and select Edit.
  5. Make required changes to the prompts as directed in the RSA Authentication Manager 8.1 SP1 RADIUS Reference Guide, such as:


GREETING=Welcome to RSA Software”


  1. Click Save & Restart RADIUS Server.

Using the Operations Console to make changes does not allow the administrator to make a copy of the file before performing a change. The administrator could copy the full file content and save the default settings in a new file before making the required changes.

Attachments

    Outcomes