|Applies To||RSA Product Set: SecurID|
RSA Product/Service Type: Web Agent
RSA Version/Condition: 8.0
O/S Version: Windows
Permission Issue on the Windows Server where RSA Web Agent is installed.
|Resolution||1. Login to the Windows Server as a "Local Administrator" where the RSA Web Agent is installed.|
2. Disable UAC (User Account Control settings).
4. Disable the Antivirus Software (if enabled with IPS/IDS or Enabled with Enhanced Security).
5. On the Control Panel, Select and Right Click on the RSA Authentication Agent icon and run as "administrator".
6. On the "Advanced Tab", set the IP Address Override. (Note: Need to change the Default IP# 255.255.255.255 to the "IP Address of the Windows Server where the RSA Web Agent is installed").
7. Do the Test Authentication from the RSA Web Agent by clicking on "Test Authentication with RSA Authentication Manager".
8. The Node Secret will be sent from the RSA Authentication Manager to the RSA Web Agent on the 1st Successful Authentication (Check the Node secret on the location "C:\Program Files\RSA Security\RSAWebAgent")
9. Repeat the Test Authentication for 4 to 5 times.
10. Go to the Command Prompt and run "iisreset".
11. Do the Test Authentication from the protected WebSite/OWA.
11A. If the Test Authentication from the protected WebSite/OWA fails with "Node Secret Mismatch - Cleared on the Agent but not on the Server", then check the node secret location in the IIS which the protected WebSite/OWA is pointing to.
(Note: This Node Secret issue happens because the protected WebSite/OWA is looking at a different location where the node secret(securid) file is not available).
11B. Also copy the sdconf.rec, sdstatus.12 & securid.rec (nodesecret) files from C:\Program Files\RSA Security\RSAWebAgent to C:\Program Files (x86)\RSA Security\RSAWebAgent
12. Go to the Command Prompt and run "iisreset".
13. Now the Test Authentication will be successful from the protected WebSite/OWA.