Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000031171 - Authentication Manager Node secret mismatch on TMG or UAG

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support

on Apr 21, 2017

Version 2Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000031171
Applies To	RSA Product Set: SecurID RSA Product/Service Type: Microsoft UAG and TMG
Issue	Node Secret Mismatch Authentication method failed Node verification failed
Cause	Node secret is not created on Microsoft TMG or UAG
Resolution	Manually create the Node Secret by using the SDTEST.EXE utility. This method assumes that there is currently no node secret file (securid) located in <windir>\system32…and you DO have a valid Configuration File (SDCONF.REC) located in <windir>\system32 Run the SDTEST.EXE utility. This utility allows you test user authentication from an Authentication Agent to the RSA Authentication Manager Server. Upon a successful user authentication, the Node Secret file (securid) will be created in the <windir>\system32 folder. Copy SECURID from <windir>\system32 to …\Microsoft ISA Server\sdconfig Additional Notes on using the SDTEST.EXE utility… The SDTEST Authentication Utility is used to verify that a computer running TMG Server can successfully authenticate, using valid credentials, to the RSA Authentication Manager. Again, note that SDTEST.EXE requires the SDCONF.REC configuration file to be located in the <win32>\system32 folder to run and test authentication successfully. You may need to run SDTEST.EXE as Administrator if your logged in account does not have the proper permissions to write the file securid to the system32 folder. If this is the first time authenticating to the RSA server with this user, you may be prompted to create a PIN. If so, enter a new PIN number. When a new PIN is created, the RSA authentication Passcode for this user will now be: <PIN><passcode displayed on the token> The SDTEST.EXE tool (RSA Test Authentication Utility) is available in the TMG 2010 Tools & Software Development Kit available here: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=11183 On the above page, download SdTestPack.exe which contains the utility.

Attachments

Outcomes

0 Comments

Recommended Content