Contents x
    RapidIdentity Portal Integration
    • 24 Mar 2023
    • 4 Minutes to read
    • Contributors
    • Dark
      Light
    • PDF
    Contents

    RapidIdentity Portal Integration

    • Updated on 24 Mar 2023
    • 4 Minutes to read
    • Contributors
    • Dark
      Light
    • PDF
    Article Summary

    Kerberos Authentication

    Features

    Kerberos authentication allows the user to log in without having to enter their username and password when they are already logged in from a domain-joined Windows workstation.

    Kerberos authentication establishes the user based on the account the application is running as. In this case, when you launch the portal, the browser must be launched as the current XA user to establish the correct authentication context.

    Kerberos Authentication must be initially configured in RapidIdentity Portal. For assistance with this initial setup see How to Configure Kerberos Authentication in the RapidIdentity Administrator's Guide.

    Establishing a Run As Connection

    Creating a New Windows Application in ExactAccess

    To create a Windows Application link on ExactAccess Desktop/RapidIdentity Classroom View that does not require sign-on, the process includes the following major steps:
    Enabling a New Application in ExactAccess
    To enable a new application, follow the instructions below.

    1. Enable a new application in ExactAccess
    2. Add the new application to the XA Organization Map
    3. Assign a role to the application
    4. Deploy the Connector files
    5. Create a link to the Connector

    1 - Enable a new application in ExactAccess

    1. Log into XA as a user with permissions to use the ExactAccess Administrator application.
    2. Select the ExactAccess Administrator link on the ExactAccess Desktop/RapidIdentity Classroom View(or click Start > Programs > HealthCast > ExactAccess > Utilities > ExactAccess Administrator).
    3. Right-click the application in the Applications Frame.
    4. Select Enable New Application and enter the following information:
      1. Enter Display Name: The name of the control item as it will show up in XA and on XA Desktop. This should be something meaningful to the users.
      2. Enter Application ID: Select Generate ID.
      3. Enter Application Executable: The exe name of the application.
      4. Enter Application Command line Parameters: Enter here if the application requires command line parameters.
      5. Check the box next to Active Directory Passthrough.
      6. Select OK.
        image.png

    2 - Add the new application to the XA Organization Map

    Once an application has been enabled and registered within ExactAccess, it will appear as a Control Item in the Applications Frame and is available to be clicked and dragged onto the Organization Map.

    1. Select an application and drag it to the appropriate item within the Organization Map.
    2. Click Yes to confirm.

    3 - Assign a role to the application

    image.png

    1. Right-click the application in the organization map, then select Add Roles(s) to this item.
    2. Enter the role name and select Find.
    NOTE

    Partial role names can be entered using an asterisk (*) to assist in populating roles. Depending on where the asterisk is placed, it will act like a variable and populate roles that contain additional text where it is placed.

    Example:

    • DEV/* will populate roles that begin with "DEV/" as seen in the screenshot above.
    • /xa will populate roles that have additional text before or after "/xa" in the role name.

    Using the asterisk alone will populate all available XA roles.

    Highlight the correct AD Group and select OK.

    All of the users within that role will have access to that application. Access to the application can be given to as many roles as needed. Additionally, single-role access can be given to as many applications as necessary.

    4 - Deploy the Connector files

    Copy all the Runas Connector files to the location where the Connector is running:

    • 64-bit: C:\Program Files (x86)\HealthCast\ExactAccess\Wrappers\ directory
    • 32-bit: C:\Program Files\HealthCast\ExactAccess\Wrappers\ directory

    5 - Create a link to the Connector

    ExactAccess Toolbar:

    1. If ExactAccess (XA) Toolbar is utilized, for displaying Connector link(s) on the XA Toolbar, a registry entry is required for each Connector.
    [HKEY_LOCAL_MACHINE\SOFTWARE\HealthCast\ExactAccess\Applications]
xaRunas.exe=C:\Program Files(x86)\HealthCast\ExactAccess\Wrappers\xaRunas\xaRunas.exe
    1. Log out of XA and log back into XA. The application link should appear on the XA Toolbar.

    Connector Shortcut on Computer’s Desktop:

    If a shortcut on the computer’s desktop is needed, create and point the application shortcut on the desktop for users to launch the Runas Connector:

    Runas Application Without Command Line Parmeters.

    Example:

    C:\Program Files(x86)\HealthCast\ExactAccess\Wrappers\xaRunas\xaRunas.exe

%ProgramFiles%\Internet Explorer\iexplore.exe

    Runas Application With Command Line Parameters
    Separate the application path executable and application’s command line parameters with the pipe “|” symbol.

    Example:

    C:\Program Files(x86)\HealthCast\ExactAccess\Wrappers\xaRunas\xaRunas.exe
%ProgramFiles%\Internet Explorer\iexplore.exe|http://www.microsoft.com

    Modifying an Existing Windows Application in ExactAccess

    To modify a Windows Application link on ExactAccess Desktop/RapidIdentity Classroom View that does not require sign-on, the process includes the following major steps:

    1. Update the application in XA
    2. Display the application link on the XA Desktop or RapidIdentity Classroom View

    Update the application in XA

    To modify an existing application, follow the instructions below.

    1. Log into XA as a user with permissions to use the ExactAccess Administrator application.
    2. Select the ExactAccess Administrator link on the ExactAccess Desktop/RapidIdentity Classroom View (or click Start > Programs > HealthCast > ExactAccess > Utilities > ExactAccess Administrator).
    3. Right click the application in the Applications Frame.
    4. Select Edit Application and enter the following information:
      1. Enter Application Name: If update is required, the name of the control item as it will show up in XA and on XA Desktop. This should be something meaningful to the users.
      2. Enter Application ID: No change.
      3. Enter Application Executable: Update is required if the input is not the exe name of the application.
      4. Enter Application Command line Parameters: If update is required, enter here if the application requires command line parameters.
      5. Check the box next to Active Directory Passthrough.
      6. Select OK.
        image.png

    Display the application link on the XA Desktop or RapidIdentity Classroom View

    1. If the registry entry does not match the format of the following, an update needs to be made to display correct application link on the ExactAccess Desktop/RapidIdentity Classroom View.
    [HKEY_LOCAL_MACHINE\SOFTWARE\HealthCast\ExactAccess\Applications]
ApplicationExecutableName.exe=<full path to the application’s executable>
    NOTE

    The ApplicationExecutableName.exe is the exe that was specified in Step #4c listed in the Updating Application in ExactAccess section above.

    1. Log out of XA and log back into XA. The application link should appear on the ExactAccess Desktop/RapidIdentity Classroom View.
    Was this article helpful?
    What's Next