Configure an Agent for Trusted Realm Authentication

You must specify which authentication agents are available for trusted realm authentication.

On each agent in your realm, you specify one of the following:

• Not open to trusted users

• Open to all trusted users

• Open only to trusted users in trusted user groups

For a one-way trust, the trusted realm administrator enables the agents for authentication in the trusted realm. For a two-way trust, you and the trusted realm administrator enable the agents in both your realms.

Before you begin 

• Add a Trusted Realm

• Create a new agent configuration file that specifies 25 seconds for a response from the server. For instructions, see Generate the Authentication Manager Configuration File.

Procedure 

1. In the Security Console, click Access > Authentication Agents > Manage Existing.

2. Use the search fields to find the agent that you want to configure.

3. From the search results, click the authentication agent that you want to configure.

4. From the context menu, click Edit.

5. Do one of the following:

   • If you do not want trusted users to access this agent:

     1. Under Trusted Realm Settings, ensure that Enable Trusted Realm Authentication is not selected.

     2. Click Save.

   • If you want trusted users to access this agent:

     1. Under Trusted Realm Settings, select Enable Trusted Realm Authentication.

     2. For Trusted User Authentication, select one of the following:

        • Open to all Trusted Users. This option automatically designates users from a trusted realm as trusted users after successful authentication.

        • Only Trusted Users in Trusted User Groups with access to the agent can authenticate. These trusted users and trusted user groups are manually created by the administrator.

     3. Click Save.