Step 4: Configure the NICE DCV server to use the Broker as the authentication server - NICE DCV Session Manager

Step 4: Configure the NICE DCV server to use the Broker as the authentication server

Configure the NICE DCV server to use the Broker as the external authentication server for validating client connection tokens. You must also configure the NICE DCV server to trust the Broker's self-signed CA.

Linux NICE DCV server
To add the local service user for Linux NICE DCV servers

  1. Open /etc/dcv/dcv.conf using your preferred text editor.

  2. Add the ca-file and auth-token-verifier parameters to the [security] section.

    For ca-file, specify the path to the Broker's self-signed CA that you copied to the host in the previous step.

    For auth-token-verifier, specify the URL for the token verifier on the Broker in the following format: https://broker_ip_or_dns:port/agent/validate-authentication-token. Specify the port used for Broker-Agent communication, which is 8445 by default. If you are running the Broker on an Amazon EC2 instance, you must use the private DNS or private IP address.

    For example

    [security]
ca-file="/etc/dcv-session-manager-agent/broker_cert.pem"
auth-token-verifier="https://my-sm-broker.com:8445/agent/validate-authentication-token"

  3. Save and close the file.

  4. Stop and restart the NICE DCV server. For more information, see Stopping the NICE DCV Server and Starting the NICE DCV Server in the NICE DCV Administrator Guide.

Windows NICE DCV server
On Windows NICE DCV servers

  1. Open the Windows Registry Editor and navigate to the HKEY_USERS/S-1-5-18/Software/GSettings/com/nicesoftware/dcv/security/ key.

  2. Open the ca-file parameter. For Value data, specify the path to the Broker's self-signed CA that you copied to the host in the previous step.

    Note

    If the parameter does not exist, create a new string parameter and name it ca-file.

  3. Open the auth-token-verifier parameter. For Value data, specify the URL for the token verifier on the Broker in the following format: https://broker_ip_or_dns:port/agent/validate-authentication-token. Specify the port used for Broker-Agent communication, which is 8445 by default. If you are running the Broker on an Amazon EC2 instance, you must use the private DNS or private IP address.

    Note

    If the parameter does not exist, create a new string parameter and name it auth-token-verifier.

  4. Choose OK and close the Windows Registry Editor.

  5. Stop and restart the NICE DCV server. For more information, see Stopping the NICE DCV Server and Starting the NICE DCV Server in the NICE DCV Administrator Guide.