Configuring the SecurID Agent (Replicas)

Important Considerations

  1. These instructions are compatible with Authentication Manager Version 5.0.1, or above when processing using RSA SecurID Replicas.
  2. Please ensure your IBM machine is running IBM i 7.2 (V7R2M0) or above.

System Preparation

Server Machine
  1. Sign on as the Administrator profile
    e.g. "root" on UNIX or “Administrator” on windows.
  2. Register the IBM i client as a "host" on the server
    Either edit the server’s local host table or add the machine, running IBM i within the DNS.
Client Machine (IBM i)
  1. Sign on as QSECOFR.
  2. Access the command line.
  3. Enter the command CFGTCP.
  4. Select the option to "Work with TCP/IP Interfaces". Select the option to add details of local machine:
    • Internet address: INTNETADR
    • Line description: LIND
    • Subnet mask: SUBNETMASK
  5. Select the option to "Work with TCP/IP host table entries". Select the option to add details of server & local system.
    • Internet address: INTNETADR
    • Host names: HOSTNAME
    • Text: TEXT
  6. Select the option to "Change local domain & host names"
    • Local domain name
    • Local host name
  7. Select the option to "Configure related tables".  Select the option to "Work with service table entries". Select the option to add details for service entry. The SecurID Agent defaults are:
    • Service: securid
    • Port: 5500
    • Protocol: udp
    • Text: SecurID authentication

Check System Configuration

Server Machine

Ensure the machine to host the RSA Authentication Manager is ‘up and running’.

Client Machine (IBM i)

  1. Start TCP/IP jobs.
    Use STRTCP command from command line.
  2. Check configuration.
    Ping "server" (either TCP/IP address or name).

Server Machine

Check configuration

Ping "IBM i client" (either TCP/IP address or name)

Software Installation

Server Machine

  1. Install the RSA Authentication Manager product on designated server machine as outlined within the appropriate documentation.
  2. Add the IBM i client into the RSA Authentication Manager database.
  3. Activate appropriate users for the IBM i client.
  4. Generate the required sdconf.rec configuration file.

Please refer to the appropriate Authentication Manager documentation for details of the above.

Client Machine (IBM i)

  1. Sign on as QSECOFR profile.
  2. Install the SecurID Agent software.
  3. Start TCP/IP jobs. 
    STRTCP
  4. FTPRMTSYS (server name) . 
    binary
lcd     /
cd      VAR_ACE     (data directory)
get     sdconf.rec  /var/ace/sdconf.rec
Previous Next