000020588 - AIX authentication has changed in RSA ACE/Server 5.1

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000020588
Applies ToIBM AIX
RSA ACE/Server 5.1 (no longer supported as of 7-14-2006)
AIX version 5.1 changes the authentication method for sdshell_auth
sdshell_auth
IssueAIX authentication has changed in RSA ACE/Server 5.1
AIX users fail to logon using sdshell_auth
ResolutionFor AIX 5L v5.1 Agent Hosts:

1. In the ACEPROG directory, create a shell script containing the following lines:

#!/bin/sh
installation path/sdshell_auth $*
exit $?

where installation path is the full path to the ACEPROG directory.

2. Set the permissions and ownership of the file to the following:

        ---s--x--x root

3. As root, edit /usr/lib/security/methods.cfg. Add

SECURID:
program = ACEPROG/<shell script name>

where <shell script name> is the name of the shell script you created in step 1.

4. If you prefer to perform the configurations using smit, go to step 5. Otherwise, to perform the configurations manually:

As root, edit /etc/security/user.

To set as the default, under Default, change the system and auth1 lines to:

SYSTEM = "NONE"
auth1 = securid

To set for individual users, under each user?s login name, add the following:

SYSTEM = "NONE"
auth1 = securid

5. To perform the configurations using smit:

Select Security and Users.
Select Users.
Select Change/Show Characteristics of a user.
Specify the user's name.

Change the login authentication grammar line to:

        Login AUTHENTICATION GRAMMAR NONE

Change the primary authentication method line to:

        PRIMARY authentication method securid
Legacy Article IDa17730

Attachments

    Outcomes