4.1.1. Registry entries on Microsoft Windows platforms

Some settings of Authentication Agent (AA) can be modified through the Windows Registry. Launch the registry editor by issuing the regedit command (either from a command prompt or through the Start button).

In the Registry Editor, the Authentication Agent parameters are located under: HKEY_LOCAL_MACHINE\SOFTWARE\Balasys\AuthAgent for the Multiplexer and HKEY_CURRENT_USER\Software\Balasys\AuthAgent for the Client application.

The component has to be restarted if a value is modified (that is, the Authentication Agent Multiplexer service for Authentication Agent Multiplexer, the Authentication Client application for Authentication Agent).

To restart the Authentication Agent Multiplexer, select the Start button, type Services and then press Enter. Select Authentication Multiplexer on the list, then Restart it.

The following settings are available from the registry:

The following table presents the available settings from the registry for the Client application. (These setting may not exists by default, and should be created to override default behaviour)

Name

Description

Default value

Automatic

To enable the automatic Kerberos authentication without user interaction with the Authentication Agent, set it to 1. In this case, Authentication Agent will use the username provided during Windows login.

0

CanRemember

To save your credentials so that the client will fill the username and password automatically for later authentication attempts, set this parameter to 1. If it is set to 0, the credentials will not be saved and have to be reentered again.

1

Details

The Authentication Agent displays the details of the connection in the popup dialog if this parameter is set to 1. The following information is displayed: the name of the application initiating the connection, the IP address and the port of the destination server, the name of the PNS service started, and the type of the connection (TCP/UDP). If the details are disabled, only the name of the service is displayed.

0

ForgetPassword

To enable password expiration defined by ForgetPassword interval, set this value to 1. Default value of 0 disables password expiration.

0

ForgetPasswordInterval

To prevent unauthorized initiation of network connections through unattended machines, configure this parameter. Enter the number of minutes after which Authentication Agent deletes the stored password and requires authentication for new connection requests.

1

HasPreferences

To enable the Preferences menu item in the system tray icon of Authentication Agent, set this parameter to 1. Otherwise, this menu item will not be available.

1

LogClient

It marks the verbosity level of the authentication client, ranging from 0 (lowest) to 9. Increase the log verbosity only if it is necessary (for example, for troubleshooting purposes), because setting it to higher than 3 can result in very large log files.

The log file is stored in the user's home directory.

0

Table 4.1. Registry setting options for the Client application

The following table presents the available settings from the registry for the Multiplexer.

Name

Description

Default value

AliasFile

This is the name and path (for example, C:\tmp\aliases) of a text file. Using the information contained in this file, the Authentication Agent Multiplexer can redirect the authentication of certain users to a different user in multi-user environments. For example, to redirect the connection authentication of the Administrator user to MainUser enter the following line: Administrator: MainUser.

Log

It is the verbosity level of the Authentication Agent Multiplexer, ranging from 0 (lowest) to 9. Increase log verbosity only if it is necessary (for example, for troubleshooting purposes), because setting it to higher than 3 can result in very large log files.

The log file is stored in the %SYSTEMROOT%\System32\config\systemprofile folder.

0

TLS

To configure the Authentication Agent Multiplexer so that it uses only TLS-encrypted connections, set this parameter to 1.

1

VerifyDepth

It is the maximum length of the verification chain.

3

Table 4.2. Registry setting options for the Multiplexer

Previous Up Next
 Home