000031460 - Using RSA SecurID Software Token 5.0 for Windows with Citrix non-persistent Xenapp virtual desktops

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support on Jul 24, 2019
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000031460
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager, RSA SecurID Software Token 5.0 for Windows w
RSA Version/Condition: 8.x
8.x
IssueThe user will need to reimport the software token every time they access the Xenapp desktop.

The RSA SecurID Software Token 5.0 for Windows token file is removed every time a user logs off the virtual desktop, thus the token files must be stored in a single database accessed by all users.

To create a single database, you must install the desktop application from the msiexec command line, using the SETSINGLEDATABASE property.  This property creates a single database in the All Users directory. When the user starts prelogon to the VPN client, for example, the VPN client retrieves a token from All Users.
ResolutionThe following command creates a single token storage database that is not associated with a specific user. 

Install a single token database to the default location



  • For the standard desktop application, type:

msiexec /qn /i pathname\RSASecurIDToken500.msi /lv c:\install.log SETSINGLEDATABASE=TRUE


  • For the RSA SecurID Software Token with Automation, type:

msiexec /qn /i pathname\RSASecurIDTokenAuto500.msi /lv c:\install.log SETSINGLEDATABASE=TRUE



Install a single token database to a non-default location


Using an absolute path with the SETDATABASEDIR property creates a single database instance that is owned by the first user to use the application.  The first example specifies an absolute path that begins with the drive letter and a backslash: drive:\. The second example uses the %HOMEDRIVE% Windows environment variable to specify the drive letter that is set in Active Directory.

 


  • For the standard desktop application, type:

msiexec /qn /i pathname\RSASecurIDToken500.msi /lv c:\install.log SETSINGLEDATABASE=TRUE SETDATABASEDIR=c:\LocalDir


 


  • For the RSA SecurID Software Token with Automation, type:

msiexec /qn /i pathname\RSASecurIDTokenAuto500.msi /lv c:\install.log SETSINGLEDATABASE=TRUE  SETDATABASEDIR=%HOMEDRIVE%\LocalDir
NotesThe SETDATABASEDIR should be a drive, not a directory 

Attachments

    Outcomes