Microsoft SharePoint 2016 - RSA SecurID Access Implementation Guide

Document created by RSA Information Design and Development on Mar 25, 2019Last modified by RSA Information Design and Development on Apr 29, 2019
Version 2Show Document
  • View in full screen mode

Microsoft Corporation

SharePoint 2016

Certified: April 26th, 2019

 

 

Solution Summary

Use Case

When integrated, Microsoft SharePoint end users must authenticate with RSA SecurID Access to sign in. Microsoft SharePoint can integrate using WS-Fed SSO Agent, RSA Authentication Agent for IIS or RSA Authentication Agent for AD FS.

 

Integration Types

SSO Agent integrations use SAML 2.0, HFED or WS-Fed technologies to direct users’ web browsers to RSA SecurID Access for authentication. SSO Agents also provide Single Sign-On to other applications using the RSA Application Portal.

RSA Authentication Agent for IIS can be leveraged to secure access to Microsoft SharePoint server. RSA Authentication for IIS supports integration with RSA Authentication Manager.

RSA Authentication Agent for AD FS can be leveraged to secure access to Microsoft SharePoint by way of AD FS. RSA Authentication Agent for AD FS supports integration with RSA Authentication Manager and RSA Cloud Authentication Service.

For more information about RSA Authentication Agents, browse to the RSA Authentication Agents page on RSA Link. https://community.rsa.com/docs/DOC-40601#agents

 

Supported Features

This section shows all of the supported features by integration type and by RSA SecurID Access component. Use this information to determine which integration type and which RSA SecurID Access component your deployment will use. The next section in this guide contains the instruction steps for how to integrate RSA SecurID Access with Microsoft SharePoint using SSO Agent.

 

Microsoft SharePoint integration with RSA Cloud Authentication Service

                                                                         
Authentication Methods

Authentication API

RADIUS

Relying Party

SSO Agent

RSA SecurID---
LDAP Password---
Authenticate Approve---
Authenticate Tokencode---
Device Biometrics---
SMS Tokencode---
Voice Tokencode---
FIDO Tokenn/an/a-

 

Microsoft SharePoint integration with RSA Authentication Manager

                                 
Authentication Methods

Authentiaction API

RADIUSAuthentication Agent
RSA SecurID--
On Demand Authentication--
Risk-Based Authenticationn/a-

 

                     
Supported
- Not supported
n/tNot yet tested or documented, but may be possible.
n/aNot applicable

 

Configuration Summary

This section contains links to the sections that contain instruction steps that show how to integrate Microsoft SharePoint with RSA SecurID Access using SSO Agent.

This document is not intended to suggest optimum installations or configurations. It is assumed that the reader has both working knowledge of all products involved, and the ability to perform the tasks outlined in this section. Administrators should have access to the product documentation for all products in order to install the required components. All RSA SecurID Access and Microsoft SharePoint components must be installed and working prior to the integration.

Links

SSO Agent

 

Certification Details

Date of testing: March 12th, 2019

RSA Cloud Authentication Service

Microsoft SharePoint 2016, Windows Server 2019

 

Known Issues

RSA SecurID Access related error while trying to go back to SharePoint site after sign out

Tracking Number: NGX-29120

Problem: During sign out of SharePoint site user will have the option to either "Close the browser to complete sign out" or "Go back to site". If user selects "Go back to site" option then user will get an error related to RSA SecurID access.

Workaround: Close the browser and relogin to access the site

 

Attachments

    Outcomes