DetectIT Agent for SecurID Maintenance screen

How to Get There

On the Master Menu, choose option 1.

What it Does

The objective of this program is to allow user profiles to be maintained. SecurID can be activated or deactivated for user profiles. Activating a profile allocates it to the SecurID sign-on exit point, ensuring that users signing on to IBM i with that profile must pass through the SecurID security procedures.

Deactivating a profile means any user signing on to IBM i with that profile will not go through the SecurID security process.

For SecuID to function, a communication link is required between IBM i and the RSA Authentication Manager (ACE/Server). If this is the first time the program has been used and a prior configuration does not exist between the machines, enter "Y" to create a connection.

Alternatively if a network configuration exists and you wish to maintain only user profiles, leave the value as "N". This value should always be entered once networking details between the IBM i and RSA Autentication Manager (ACE/Server) machines have been set up.

Network Configuration

This allows the networking information about the connection between IBM i and the RSA Authentication Manager (ACE/Server) machine to be entered. Communication between the two machines must be established before SecurID will function.

Please note SecurID can only check that the information is valid and relevant. A logical link may only be established here and you must first ensure the necessary physical links are in place.

IBM i TCP/IP Address

This specifies an internet address to which the machine, running IBM i responds. This address, associated with a line description and a subnet mask, defines the TCP/IP interface necessary for communication between IBM i and RSA Authentication Manager (ACE/Server).

The internet address is specified in the form nnn.nnn.nnn.nnn where nnn is an integer value between 0 and 255.

Line Description

The line description is the physical connection between the machine running IBM i and the TCP/IP network. This must be defined before the TCP/IP interface can be added.

Subnet Mask

This defines the part of the network where this interface will be attached. The subnet mask takes the form nnn.nnn.nnn.nnn where nnn is an integer between 0 and 255.

IBM i Host Name

This specifies the name of the machine, running IBM i and will correspond to the internet address entered above. A common practice is to define one short name that is unique within your local network. However, a host name may be anything from one to 255 characters in length.

Authentication Mgr Name

This defines the name of the machine running the RSA Authentication Manager (ACE/Server) software. It must correspond to the internet address of that machine and be used to communicate with the machine running IBM i.

Authentication Mgr Address

This specifies an internet address to which the RSA Authentication Manager (ACE/Server) machine responds. This address is associated with the “Authentication Mgr Name”, entered above.

The internet address is specified in the form nnn.nnn.nnn.nnn where nnn is an integer value between 0 and 255.

IBM i Domain Name

This specifies the name of the TCP/IP domain to which the machine, running IBM i belongs. This name is used along with “IBM i Host Name” to build a unique name, that's used, to reference and communicate with the IBM i machine.

Please note, if you do not wish to change your existing domain name it is important that your current domain name is entered here.

Start Agent Maintenance (STRAGTMNT)

This option allow you to specify profiles to work with for activating or de-activating SecurID Authentication.

User Profile

Specifies the user profiles to be shown.

Name
Specify the name of the user profile to be shown.
 
*ALL
All user profiles that you own or have authority to view are shown.
 
generic*
Specify the generic name of the user profiles to be shown. A generic name is a character string that contains one or more characters followed by an asterisk (*). If a generic name is specified, all user profiles that have names with the same prefix as the generic name are shown.

After selecting profiles, the Work with Profiles for DetectIT Agent screen appears.