You can specify a certain Advanced Authentication server on a workstation that can be used when a workstation is joined to a domain, but user wants to force connection to a specific Advanced Authentication server and when a workstation with Mac OS X Client is not joined to a domain.
In the /Library/Security/SecurityAgentPlugins/aucore_login.bundle/Contents/etc/aucore_login.conf file, configure discovery.host = <IP_address|domain_name>.
For example, discovery.host = 192.168.20.40 or discovery host = auth2.mycompany.local.
You can specify a port number (optional parameter) for the client-server interaction: discovery.port = <portnumber>.
The Advanced Authentication server receives the client connections through the port 443 by default. However, if the port redirection is configured on the network between the client and server then you can customize the port number manually. In the config.properties file of the client, you must use discovery.port parameter to enable the client to discover and pair with the Advanced Authentication server.
NOTE:For Mac OS logon event, select the OS Logon (local) Event type if you want to use Mac OS X Client on non-domain joined workstations.