Configuring SafeNet

To configure SafeNet:

1. In the Parallels RAS console, navigate to the Connection / Second Level Authentication tab.
2. In the Provider drop-down list, select SafeNet .
3. C lick the Settings button. The SafeNet Properties dialog opens.
4. On the Connection tab, enter the valid URL into the OTP Service URL field. To verify that the connection with the OTP Service can be established, click the Check connection button.

   Note: RAS Publishing Agent communicates with the SafeNet Token Management System Server. It is highly recommended to have this behind a firewall for security reasons.

5. Click the Authentication tab.
6. In the Mode drop-down list, select how you want your users to be authenticated.

   Mandatory for all users: every user using the system must login using two-factor authentication.

   The available modes are:

   • Create token for Domain Authenticated Users : Allows Parallels RAS to automatically create software tokens for Domain Authenticated Users. Choose a token type from the drop down list. Note that this option only works with software tokens.
   • Use only for users with a SafeNet account : Allows users that do not have a SafeNet account to use the system without having to login using two-factor authentication.
7. In the TMS Web API URL field, enter the location of the SafeNet API URL.
8. In the User Repository field, enter the user repository destination.
9. Click OK to save the values and close the SafeNet Properties dialog.

Parallels Client

In Parallels Client — New Account Info dialog:

1. Enter any four digits in the OTP PIN number field (these digits will be required further on in the process).
2. Enter your email address and then click on OK .
3. Log into your email account and retrieve the email containing the information you will need to activate your SafeNet authentication. An example of this email is shown below.

   Activation Key: YZQHoczZWw3cBCNo

   Token Serial: 4F214C507612A26A

   Download MobilePASS client from: http://localhost:80/TMSService/ClientDownload/MobilePASSWin.exe

   *Login with domain credentials.

   *Place the attached seed file in the same folder as the MobilePASS client.

   Enter the One-Time Password to log into the RD Session Host Connection.

   Application PIN: 4089

4. Download the MobilePASS client from the URL provided in the email.
5. Enter the Activation Key found in the SafeNet email.
6. Next, input the application PIN found in the email into the MobilePASS PIN field.
7. Click Generate to generate the eToken number and then click Copy .
8. Combine the OTP PIN and eToken in this order: OTP + eToken.
9. Enter this value into the Parallels Client and click OK to log in.