000019412 - How to configure XWindows or CDE for RSA SecurID authentication on Sun Solaris

Document created by RSA Customer Support Employee on Jun 15, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000019412
Applies ToRSA ACE/Agent for UNIX
UNIX (AIX, HP-UX, Solaris)
Sun Solaris
IssueHow to configure XWindows or CDE for RSA SecurID authentication on Sun Solaris
How to configure using an Xstartup file not located in the default location
Not prompted for PASSCODE
ResolutionThe instructions in the installation guide appendix "Protecting XWindows Logins" may not work if you have customized your XWindows environment. Modify the following files in /etc/dt/config/ if they are there. You may also choose to copy the files there prior to modification so that you will maintain the original copies in /usr/dt/bin and /usr/dt/config/. In addition, upgrading the OS will overwrite changes to files in /usr/dt/.

- Create the directory /etc/dt/config/

- Copy the files /usr/dt/bin/Xsession/ , /usr/dt/config/Xconfig/ , and /usr/dt/config/Xstartup/ into /etc/dt/config

- Edit the file /etc/dt/config/Xconfig/

  - uncomment the line "Dtlogin*authorize:        False"

 

  - add an addition line "Dtlogin*session:       Xsession" to Xconfig after the 'Dtlogin*setup' line to ensure the local Xsession in /etc/dt/config is called

- Edit the file /etc/dt/config/Xsession/

- Add the following section to the beginning of the file under #!/bin/ksh:

TESTSHELL=`/<agentinstdir>/ace/prog/sdfindshell`
if [ -n "$TESTSHELL" ] ; then
SHELL=$TESTSHELL ; export SHELL
fi

- Append the Xprompt script to the file /etc/dt/config/Xstartup (this task must only be performed once):

cat /<agentinstdir>/ace/prog/Xprompt >> /etc/dt/config/Xstartup

 

  * <agentinstdir> is the location on the UNIX system where you install RSA Authentication Agent 5.2 for UNIX e.g. /opt


The Xconfig file can be modified to point to an alternative location for Xstartup so if you are still having problems then look in Xconfig for the entry for "Dtlogin*startup:" to find the location of Xstartup. The location of Xsession is specified in /usr/dt/config/Xsession.ow.

 

echo /<agentinstdir>/ace/prog/sdshell >> /etc/shells

 

Stop and Re-start the dtlogin service (or alternatively reboot the system).

Legacy Article IDa9330

Attachments

    Outcomes