How to Configure SafeNet Login
Managing online identities and access roles is becoming increasingly difficult for organizations, especially when trying to scale the deployment of cloud and web apps. Added troubles arise when the efforts to manage identities compromise regulatory compliance or user convenience. SafeNet Trusted Access is a solution to all these problems.
SafeNet Trusted Access is a single sign-on (SSO) solution that offers Identity–as–a–Service (IaaS) with granular access security. All in all, it streamlines cloud identity management, eliminates the hassle of passwords, offers a single pane of glass to view events, and manages correct access to cloud applications from a single console.
Steps to configure SafeNet Login
SafeNet Login needs to be configured both in the Parallels RAS Console and in the Parallels RDP Client.
Configuring SafeNet Login in the Parallels RAS Console
In the Parallels RAS Console, navigate to the Connection/Multi-factor authentication tab and, in the Provider drop-down list, select SafeNet.
Click on the Settings button. In the Connection tab, enter the valid URL in the OTP Service URL field. To verify that the connection with the OTP Service can be established, click on the Check connection button.
On the Authentication tab, in the Mode drop-down list, select how users will be authenticated:
- Mandatory for all users: Every user using the system must log in using two-factor authentication.
- Create token for Domain Authenticated Users: This allows RAS to automatically create software tokens for Domain Authenticated Users.
- Use only for users with a SafeNet account: Allows users that do not have a SafeNet account to use the system without having to log in using two-factor authentication.
In the TMS Web API URL field, enter the location of the SafeNet API URL and then, in the User Repository field, enter the user repository destination. Click OK to save the values and close the SafeNet Properties dialog.
When configuring multi-factor authentication, exclusion rules can be created to allow some users to be exempt from multi-factor authentication enforcement. These exception rules can be set specifying user and groups, client IP and MAC addresses, or connections to certain Gateways.
Configuring the Parallels RDP Client
Once SafeNet login has been configured, users connecting to the RAS environment will be prompted to enter a four-digit OTP PIN (these digits are chosen by the user and will be required later) and an email address.
Users will receive an email containing all required information to activate the SafeNet Authentication. An example of this mail is shown below.
Activation Key: YZQHoczZWw3cBCNo Token Serial: 4F214C507612A26A Download MobilePASS client from: http://TMSWeb/TMSService/ClientDownload/MobilePASSWin.exe *Login with domain credentials. *Place the attached seed file in the same folder as the MobilePASS client. Enter the One-Time Password to log into the RD Session Host Connection. Application PIN: 4089
- Download the MobilePASS client from the provided URL and enter the Activation Key found in the email.
- After that, input the application PIN found in the email in the MobilePASS PIN field.
- Click Generate to generate the eToken number and then click Copy to put it on the clipboard.
- Finally, combine the OTP PIN and eToken in this order OTP + eToken, enter this value in the Parallels Client and click OK to log in.
Supported Operating Systems
MobilePass Client and the Parallels Client are available for the following client devices:
- Android 4.4 and later
- iOS 11.0 and later
- Windows 7, 8.x and 10
- Windows Server 2008 R2 and later
- macOS 10.11 and later
Related How To’s
How Parallels RAS helps businesses to be PCI DSS Compliant
How to Enable Your Team to Access What They Need, Anywhere, Anytime
RDP Two Factor Authentication For RDS 2019 | Parallels Insights
Need further information or assistance? Please don’t hesitate to contact us or get your free 30-day trial of Parallels RAS today.