4.1.1. Registry entries

Some settings of Authentication Agent (AA) can be modified through the Windows Registry. Launch the registry editor by issuing the regedit command (either from a command prompt or through Start > Run application.

The parameters of the Authentication Agent are located under HKEY_LOCAL_MACHINE\SOFTWARE\BalaBit\Satyr.

The component column contains the name of the component related to the parameter. This component has to be restarted if a value is modified (that is, the Satyr Multiplexer service for Authentication Agent Multiplexer, the Satyr Client application for Authentication Agent).

To restart the Authentication Agent Multiplexer, right-click on the Satyr Multiplexer element of the Start menu > Settings > Control panel > Administrative Tools > Services list and select Restart.

The following settings are available from the registry:

Name

Description

Default value

Component

aliasfile

The name and path (for example, C:\tmp\aliases) of a text file. Using the information contained in this file, the Authentication Agent Multiplexer can redirect the authentication of certain users to a different user in multi-user environments. For example, to redirect the connection authentication of the Administrator user to MainUser enter the following line: Administrator: MainUser.

1

Multiplexer

Automatic

To enable the automatic Kerberos authentication without user interaction with the Authentication Agent, set it to 1. In this case, Authentication Agent will use the username provided during Windows login.

1

Client

Can Remember

To save your credentials so that the client will fill the username and password automatically for later authentication attempts, set this parameter to 1. If set to 0, the credentials will not be saved and have to be re-entered again.

1

Client

Details

The authentication agent displays the details of the connection in the popup dialog if this parameter is set to 1. The following information is displayed: name of the application initiating the connection, IP address and port of the destination server, name of the PNS service started, and the type of the connection (TCP/UDP). If the details are disabled, only the name of the service is displayed.

0

Client

Has Preferences

To enable the Preferences menu item in the system tray icon of Authentication Agent, set this parameter to 1. Otherwise, this menu item will not be available.

1

Client

Forget Password Interval

To prevent unauthorized initiation of network connections through unattended machines, configure this parameter. Enter the number of minutes after which Authentication Agent deletes the stored password.

1

Client

Forget Password

To store the authentication password indefinitely in the Authentication Agent, set this parameter to False. This sets the Forget Password Interval parameter to infinite.

1

Client

LOG_CLIENT

The verbosity level of the authentication client, ranging from 0 (lowest) to 9. Only increase log verbosity if it is necessary (for example, for troubleshooting purposes), because setting it to higher than 3 can result in very large log files. The log files are stored in the %SystemRoot%\Debug folder (for example, C:\WinNT\Debug or C:\Windows\Debug).

Note

On Windows 7 platforms, if the Authentication Agent is run under a user account, the log files are stored under the C:\Users\balabit\AppData\Local\VirtualStore\Windows\debug\ folder. When run as Administrator, the log files are stored under the C:\Windows\Debug\ folder on Windows 7 too.

0

Client

LOG

The verbosity level of the Authentication Agent Multiplexer, ranging from 0 (lowest) to 9. Only increase log verbosity if it is necessary (for example, for troubleshooting purposes), because setting it to higher than 3 can result in very large log files. The log files are stored in the %SystemRoot%\Debug folder (for example, C:\WinNT\Debug or C:\Windows\Debug).

0

Multiplexer

SSL

To configure the Authentication Agent Multiplexer so that it only SSL-encrypted connections, set this parameter to 1.

1

Multiplexer

Previous Up Next
 Home