Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

SafeNet Agent for NPS

NPS communication settings

search

Please Note:

NPS communication settings

Note

To set the encryption settings, the Agent Key File must be downloaded from the SAS PCE/STA Management Console. Ensure that the Agent Key File is secured on your file system in a system-protected folder, accessible only to privileged accounts.

To configure communication settings, perform the following steps:

  1. Select Communication Settings tab.

    Communication settings

  2. In the Location (IP:Port) field, enter the SAS PCE/STA server name.

  3. Select one of the following options:

    • Use SSL (requires valid certificate) – SSL must be used.

    • Ignore server SSL certificate check – SSL is not required.

    The use of SSL certificates is strongly recommended.

  4. If a failover SAS PCE/STA server is required, select Specify failover server (optional) and complete the following steps:

    1. In the Location (IP:Port) field, enter the SAS PCE/STA server name.

    2. Select one of the following options:

      • Use SSL (requires valid certificate) – SSL must be used.

      • Ignore server SSL certificate check – SSL is not required.

    3. In the Attempt to return to primary server every field, enter the number of minutes required between each attempt to return to the primary server.

  5. In the Strip NetBIOS prefix (domain\username will be sent as username) field, select if the SAS PCE/STA username is required without the prefix domain\.

    Note

    The realm-stripping feature applies to SAS PCE/STA usernames only. Active Directory usernames are not affected.

  6. In the Timeout for agent communication field, enter the maximum timeout (in seconds) for each authentication attempt. For example: If a maximum timeout of 10 seconds is entered, and the authentication response takes longer than 10 seconds, the system will timeout.

  7. In the Agent Key File field, click Browse and navigate to the file.

    Note

    • It is strongly recommended to use the default location for the Agent Key File, to avoid possible errors. If you need to use a new Agent Key File, replace it at the default location.

    • To use the AES-GCM key standard, the administrator needs to download a new Agent.bsidkey file from the SAS PCE/STA server, and update it in the agent at Configuration Management > Communications > Agent Encryption Key File. To download the Agent.bsidkey file:

      1. Log in to your SAS PCE/STA server account and navigate to COMMS > Authentication Processing.

      2. Under Task list, click Authentication Agent Settings and download the Agent.bsidkey file.

  8. Click Apply.

  9. Restart NPS.

On this page