Show Contents / Index / Search

Use Cached Passwords with Public Key Authentication

Use password caching if client users authenticate without entering passwords (for example, with public key, certificate, or SecurID authentication), and also need access to domain resources (such as printers and remote file servers) that require domain credentials. Users must log in using a password at least once. User passwords are cached in an encrypted file. After a user's password is cached, the server can use the cached password to acquire credentials on behalf of the user. This enables users to access domain resources.

To create or update the password cache

  1. Start the server console, and then click Configuration.
  2. Go to Authentication > Public Key and confirm that either Allow or Require is selected.
  3. Go to Authentication > Password Cache.
  4. Select Record password for caching.
  5. Click File > Save.
  6. Configure the client or the server so that users will authenticate using passwords.
    • If you haven't yet configured public key authentication, password authentication (using keyboard interactive) is used by default.
    • You can configure the client to support only password authentication.
    • You can configure the server to require password authentication.
  7. Have each client user connect to the server.

To use cached passwords

  1. Start the server console, and then click Configuration.
  2. Go to Authentication > Password Cache.
  3. Select Use password cache.
  4. Click File > Save.
  5. Have client users connect to the server. Users who authenticate using public key authentication now have access to domain resources using their cached passwords.

Related Topics

Configure Public Key User Authentication: Reflection for Secure IT Windows Clients

Configure Public Key User Authentication: Reflection for Secure IT UNIX Clients