RSA 4.1.1 Software Token for Multiple Window … · RSA 4.1.1 Software Token for Multiple Window...

16
EUROCONTROL RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop Edition No. : 2.002 Edition Issue Date : 02 Jul 2012 Author : SIN Reference : RSA/TRD/MultipleUsers Copy No. : stamp here

Transcript of RSA 4.1.1 Software Token for Multiple Window … · RSA 4.1.1 Software Token for Multiple Window...

EUROCONTROL

RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop Edition No. : 2.002

Edition Issue Date : 02 Jul 2012

Author : SIN

Reference : RSA/TRD/MultipleUsers

Copy No. : ← stamp here

CFMU   EUROCONTROL Document Title: Document Reference:

RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop

RSA/TRD/MultipleUsers

Edition: 2.002

2

Document Control Copyright Notice

© 2002 European Organisation for the Safety of Air Navigation (EUROCONTROL). All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of EUROCONTROL.

Approval Table

AUTHORITY DATE SIGNATURE

Author

SIN

Document Identification

Full Title: RSA 4.1 Software Token for Multiple Window Users on a Single Desktop

Total Number of Pages: 15

CFMU   EUROCONTROL Document Title: Document Reference:

RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop

RSA/TRD/MultipleUsers

Edition: 2.002

3

Table Of Contents

1 Introduction ........................................................................................................................ 4

2 Platforms............................................................................................................................. 4

3 Documentation ................................................................................................................... 4

4 Create 2 registry scripts .................................................................................................... 4 4.1 Script 1 ........................................................................................................................... 4 4.2 Script 2 ........................................................................................................................... 5

5 Download the RSA 4.1 for desktop................................................................................... 6

6 Token seeds........................................................................................................................ 6

7 Installation procedure........................................................................................................ 6 7.1 Logon as PC administrator ............................................................................................. 6

8 Execute both registry scripts............................................................................................ 7

9 Start the RSA software ...................................................................................................... 9 9.2 Logon as basic user ..................................................................................................... 11

10 Installation of a second token......................................................................................... 12 10.1 Install a second token on the same desktop ................................................................ 12 10.2 Logon as administrator again ....................................................................................... 12

11 Problems ........................................................................................................................... 15

DOCUMENT FINAL PAGE ........................................................................................................ 16

CFMU   EUROCONTROL Document Title: Document Reference:

RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop

RSA/TRD/MultipleUsers

Edition: 2.002

4

1 Introduction (1) The purpose of this documentation is to give guidance to CFMU customers on how to configure

the RSA software token 4.1 for multiple Windows users using a single desktop.

(2) It is assumed that the reader is an experienced PC administrator.

(3) Execute step as described by these snapshots.

(4) It is assumed that the RSA was never installed prior to this installation.

a) If RSA was already installed, you need to remove the software, remove all traces of RSA folder and registry setting.

b) So it is recommended to “try” this procedure on a “clean” PC.

2 Platforms (1) This procedure has been validated on Windows XP and Windows 7.

3 Documentation (1) This documentation is available @

(2) http://www.cfmu.eurocontrol.int/chmi_appsoft/CHMI/Tokens/RSA411-documentation_for_multiple_windows_users_using_the_same_desktop.pdf

4 Create 2 registry scripts

4.1 Script 1 1. With notepad, create a script name “RSA-policies-part1.reg” 2. The content is

Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\RSA] "DisableSetDevicePassword"=dword:00000000 "ValidDevices"=hex(7):00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\RSA\Software Token] "DisableSetDevicePassword"=dword:00000000 "ValidDevices"=hex(7):00,00

CFMU   EUROCONTROL Document Title: Document Reference:

RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop

RSA/TRD/MultipleUsers

Edition: 2.002

5

4.2 Script 2 (1) With notepad, create a script name “RSA-deskop-part2.reg”

(2) The content is Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\RSA] [HKEY_LOCAL_MACHINE\SOFTWARE\RSA\RSA Desktop Common] [HKEY_LOCAL_MACHINE\SOFTWARE\RSA\RSA Desktop Common\RSA P11] [HKEY_LOCAL_MACHINE\SOFTWARE\RSA\Software Token] [HKEY_LOCAL_MACHINE\SOFTWARE\RSA\Software Token\Desktop] "InstallDir"="C:\\Program Files\\RSA SecurID Software Token\\" "LegacyDatabaseKey"=hex: [HKEY_LOCAL_MACHINE\SOFTWARE\RSA\Software Token\Library] "AutomationDllPath"="C:\\Program Files\\RSA SecurID Token Common\\" "LogLevel"="INFO" "InstallDir"="C:\\Program Files\\RSA SecurID Token Common\\" "CopyProtection"=dword:00000000 @="" "DatabasePath"="c:\\RSA SecurID Software Token Library" "SingleDatabase"=dword:00000001 "CopyToSystem32"="TRUE"

CFMU   EUROCONTROL Document Title: Document Reference:

RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop

RSA/TRD/MultipleUsers

Edition: 2.002

6

5 Download the RSA 4.1 for desktop (1) If not done, download:

(2) http://www.cfmu.eurocontrol.int/chmi_appsoft/CHMI/Tokens/RSASecurIDToken411.zip

6 Token seeds (1) Ensure that you have the appropriate token seed (user1_ serial_number1.sdtid) and user2_

serial_number2.sdtid.

(2) The documentation will be based on these 2 usernames and has been tested up to 4 usernames on the same desktops.

7 Installation procedure

7.1 Logon as PC administrator

(1) Extract RSASecurIDToken411.msi from the zip file above.

(2) Execute: RSASecurIDToken411.msi on the target PC

a) Select US or Europe

b) Accept all default setting

(3) Do not start the RSA application (ensure that the box is deselected)!

CFMU   EUROCONTROL Document Title: Document Reference:

RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop

RSA/TRD/MultipleUsers

Edition: 2.002

8 Execute both registry scripts (1) Execute RSA-policies-part1.reg

7

CFMU   EUROCONTROL Document Title: Document Reference:

RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop

RSA/TRD/MultipleUsers

Edition: 2.002

(2) Execute RSA-deskop-part2.reg

(3) These 2 scripts will change the location of the RSA seed database from the default location to

the new location (from c:\Documents and Settings\ECUSER\Local Settings\Application Data\RSA\RSA SecurID Software Token Library\RSASecurIDStorage to c:\RSA SecurID Software Token Library\ RSASecurIDStorage).

(4) The folder c:\RSA SecurID Software Token Library\ RSASecurIDStorage must has the appropriate permissions to be accessible by all users of this desktop.

8

CFMU   EUROCONTROL Document Title: Document Reference:

RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop

RSA/TRD/MultipleUsers

Edition: 2.002

9 Start the RSA software (1) Double click on the user1_serial_number1.sdtid.

(2) Enter the appropriate installation password as indicated by the password file (user1.txt).

(3) Select change username

(4) Add the user name as a prefix the serial number.

9

CFMU   EUROCONTROL Document Title: Document Reference:

RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop

RSA/TRD/MultipleUsers

Edition: 2.002

(5) The token seed should be correctly installed and the token name appears in the top left corner.

(6) Click right arrow to display the token code.

(7) If you see a visible Token code number, you may proceed to the next step.

10

CFMU   EUROCONTROL Document Title: Document Reference:

RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop

RSA/TRD/MultipleUsers

Edition: 2.002

9.2 Logon as basic user

(1) Logoff as admin account

(2) Login as another account (not necessarily admin account)

(3) Verify with another user whether the token passcode information is visible.

(4) Then the operation is successful.

(5) For all other Windows accounts, these tokens willl be propagated.

11

CFMU   EUROCONTROL Document Title: Document Reference:

RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop

RSA/TRD/MultipleUsers

Edition: 2.002

10 Installation of a second token

10.1 Install a second token on the same desktop

(1) If you need to install a second token on the same desktop, follow the following steps.

10.2 Logon as administrator again

(1) If the token is visible, you may then proceed with the remaining token installation.

(2) Install token seeds with preferably with an admin account.

(3) Snapshot for user2

(4) Enter password.

(5) When prompted, change the name

(6) Click on Change the name

12

CFMU   EUROCONTROL Document Title: Document Reference:

RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop

RSA/TRD/MultipleUsers

Edition: 2.002

(7) Add, the user name as prefix of the serial number (leave the serial number, it will allow

Eurocontrol to identify the RSA token). Then click OK.

Click OK.

13

CFMU   EUROCONTROL Document Title: Document Reference:

RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop

RSA/TRD/MultipleUsers

Edition: 2.002

(8) When a second token seed is installed, a token drop down menu is visible

(9) You can select another RSA user via the drop down menu.

(10) A list of user can be displayed via option/Token Storage Devices

14

CFMU   EUROCONTROL Document Title: Document Reference:

RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop

RSA/TRD/MultipleUsers

Edition: 2.002

11 Problems (1) If you see do not see the token information but see a window: “enter Device Password”

(2) This means that the token database is not been correctly initialised.

(3) Action:

a) Close the RSA software

b) You will need to delete c:\RSA SecurID Software Token Library\ RSASecurIDStorage) with the admin account.

c) Then redo from section §7 (start RSA software).

L

15

CFMU   EUROCONTROL Document Title: Document Reference:

RSA 4.1.1 Software Token for Multiple Window Users on a Single Desktop

RSA/TRD/MultipleUsers

Edition: 2.002

16

DOCUMENT FINAL PAGE To properly report any fault, or to propose a modification concerning the present document, please contact: [email protected]