000038986 - Enable a web proxy for RSA MFA Agent for Microsoft Windows

1. Enable the proxy configurations on the machine.
2. Go to the REG_BINARY key related to the proxy configuration for the machine.
3. Export the DefaultConnectionSettings registry key.
4. Modify the registry key with the new path for the local user account.
5. Import the new registry key.
6. Enable the MFA Agent for Microsoft Windows GPO for online and offline authentication.
7. Test the agent to confirm that both online and offline authentication are successful.

1. Enable the proxy configurations for the windows machine.
   
   1. Log in to the Windows machine as a domain admin user.
   2. Click Start and search for Internet Options.
   3.  Go to Connections > LAN Settings.
   4. Under Proxy Server, enter your proxy server information.
   5. Click OK when done.

2. Click Start and search for regedit. Right click and Run as Administrator.
   
   
   1. A REG_BINARY value will be created with the name DefaultConnectionSettings, and it must be filled with the web proxy information.
   2. Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections. You will see a REG_BINARY key named DefaultConnectionSettings.

3. Export the DefaultConnectionSettings key by selecting the registry key and selecting File > Export. Save the export key with the name DefaultConnectionSettings.

4.    Modify the registry key to import again with different location.
   
   1. The easiest way is to open the registry key with a text editor and modify the registry key location.
   2. In the registry file, you will find the exported location that was browsed to in step 2.
   3. Modify this location with the new location for the local user account; that is, HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections.
   4. Save and close the file.

 

5. Import the updated registry key (File > Import) and browse to the location of the key. The key will automatically be imported in the location for the local users account as specified by modifying the file in steps 4.

You can create a GPO with the registry key values and be pushed to all the machines in your domain.

6. Enable the GPO for Online/Offline Authentication to the Cloud Authentication Service.

• To enable Online Cloud Authentication Service Authentication:

• To enable Offline Cloud Authentication Service Authentication:

For more details about the RSA MFA Agent for Microsoft Windows and GPO configurations, see the RSA MFA Agent 1.2 for Microsoft Windows Installation and Administration Guide and the RSA MFA Agent 1.2 for Microsoft Windows Group Policy Object Template Guide.

7. To test authentication, open the RSA MFA Agent for Microsoft Windows test utility.
   
   1. Test online authentication first. After a successful authentication, wait 60 seconds to download the offline days. Ensure that the offline days are downloaded by watching the user event monitor on the Cloud Admin Console).
   2. Test offline authentication.