2.2 Using a Specific Advanced Authentication Server

You can specify an Advanced Authentication server with daemon host on the Authentication Agent that can be used when a workstation is not joined to a domain. You can also use this option when the user wants to force a connection to a specific Advanced Authentication server when a workstation with Authentication Agent is joined to a domain.

When the Authentication Agent is installed on a Windows workstation without Windows Client, the agent uses the parameters configured in its own config.properties file to discover a specific server.

To enable the Authentication Agent to discover a specific server, perform the following steps:

  1. Navigate to the path C:\ProgramData\NetIQ\AdvancedAuthenticationAgent.

  2. Open the file config.properties.

    The file contains the following parameters with preset values by default:

    • discovery.host: aafserver.local

    • discovery.port: 443

    • oobAgent.daemonHost: oobserver.local

    • oobAgent.daemonPort: 443

    The above parameters are prefixed with the comment syntax (#) by default.

  3. Remove the comment syntax and set a valid host address and port number for each parameter.

    For example, discovery.host = 192.168.20.40 or discovery.host = auth2.mycompany.local

    The parameters discovery.host: aafserver.local and discovery.port: 443 allows the Authentication Agent to discover the server and register the user for logging in to the agent.

    The parameters oobAgent.daemonHost: oobserver.local and oobAgent.daemonPort: 443 are designed to make the agent wait for the new authentication requests on the Daemon host then examine and accept these authentication request initiated using the Authentication Agent chain from another computer.

    NOTE:If the parameters oobAgent.daemonHost and oobAgent.daemonPort are not configured, then the agent applies the same host address and port that been set for the parameter discovery.host and discovery.port automatically to examine and accept any authentication request initiated using the Authentication Agent chain.

  4. Save the configuration.

  5. Restart the system.

NOTE:If Windows Client and Authentication Agent are installed on a Windows workstation, the agent applies same approach as Windows client to discover the Advanced Authentication server.