Allow Users to Authenticate on an Agent

Use the following procedure to allow a user to authenticate on a restricted agent or to enable the use of logon aliases on a restricted or unrestricted agent.

Restricted authentication agents process authentication requests only from users who are members of user groups that have been granted access to the restricted agent. Users who are not members of an associated user group cannot use the restricted agent to authenticate.

Using restricted agents increases administrative overhead because administrators must explicitly associate user groups with the agents. In contrast, any registered user can be authenticated on an unrestricted agent.

To authenticate on a restricted or unrestricted agent with a logon alias, a user must belong to a user group that is associated with the logon alias and that is enabled for authentication on the agent.

Procedure

  1. In the Security Console, click Access > Authentication Agents > Manage Existing.

  2. Click the Restricted or the Unrestricted tab.

  3. Use the search fields to find the agents to which you want to grant access or enable logon aliases.

  4. Select the checkbox next to the agents to which you want to grant access or enable logon aliases.

  5. Do one of the following:

    • For restricted agents, select Grant Access to User Groups from the Action menu, and click Go.

    • For unrestricted agents, select Enable Logon Aliases from the Action menu, and click Go

  6. Use the search fields to find the user groups to which you want to grant access or enable logon aliases.

  7. Select the checkbox next to the user groups to which you want to grant access or enable logon aliases.

  8. Do one of the following:

    • For restricted agents, click Grant Access to User Groups.

    • For unrestricted agents, click Enable Aliases Associated with User Groups.

Related Concepts

RSA Authentication Agents