2.13 Configuration to Enable the Authentication Agent Chain

The Authentication Agent allows you to authenticate on one computer where all the devices required for authentication are connected to get authorized access to another computer or z/OS mainframe, where one of the following condition is true:

  • It is not possible to redirect the authentication devices.

  • It does not support the devices used for authentication.

The Authentication Agent can be installed only on the Windows computer.

You must select Authentication Agent in the Chains list of Mac Client to initiate the authentication process on Windows computer where the Authentication Agent is installed.

To enable the Authentication Agent chain in the Mac Client, perform the following steps:

  1. Navigate to the path /Library/Security/SecurityAgentPlugins/aucore_login.bundle/Contents/etc/ and open aucore_login.conf file.

    If the configuration file does not exist, create a new file.

  2. Specify authentication_agent_enabled=true in the configuration file.

  3. Click Save.

  4. Restart your computer.

An Example Scenario of Using the Authentication Agent

This scenario describes how you can perform authentication on Windows computer and auto-sign in to Mac computer using the Authentication Agent.

Amrita wants to log in to Mac computer using the Fingerprint authentication method. However, she cannot get authenticated to Mac computer because the fingerprint reader is not supported and cannot redirect the authentication device. In this case, Amrita can use the Authentication Agent to perform authentication on Windows computer and get authorized access to Mac computer.

The following sequence describes the authentication process using the Authentication Agent:

  1. Specify user name and the chain number corresponding to the Authentication Agent chain in Mac computer.

  2. The Authentication Agent on Windows computer launches a restricted browser.

  3. Select the preferred chain to log in to Mac computer in the restricted browser.

  4. Perform the authentication using the Fingerprint reader in the restricted browser.

    Amrita is logged in to Mac computer automatically.