000037661 - Run as a different user prompts for a passcode not password with RSA Authentication Agent 7.4 for Windows

Document created by RSA Customer Support Employee on Jul 18, 2019
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000037661
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Agent for Windows 
RSA Version/Condition: 7.4

When launching an application on a machine that has the RSA Authentication Agent for Windows installed and using the option to Run as different user, the user is prompted for a passcode instead of the Active Directory password even if the user is not challenged.  Thus if the user does not have a passcode/token assigned and he tries to put the password instead, it gives the following error:

Authentication failed

If the need is to be prompted for a password instead of passcode, a registry key should be created.

User-added image

ResolutionThe Workaround to be prompted for password instead of passcode can be done by creating a Remote Desktop Connection, RDC entry in the registry or a GPO setting to whitelist explorer.exe. 
  1. From Start > Run, key in regedit and press Enter to open the registry editor.
  2. Open or create the key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\RSA\RSA Desktop\Local Authentication Settings.
  3. Create a REG_SZ value named RDCFileName.
  4. Click on it and choose Modify.
  5. Set the Value data to  C:\Windows\explorer.exe.
  6. Click OK when done.

User-added image

  1. Reboot the machine and test.
  2. Run As now should prompt for password:

User-added image