|Applies To||RSA Product Set: SecurID|
RSA Product/Service Type: Authentication Agent for Windows
RSA Version/Condition: 7.2.1
Platform: Windows 2008
Platform (Other): Windows 2012
|Issue||Agent 7.2.1 for Windows displays incorrect failed attempts on interactive log on screen. RSA Agent 7.2.1 for Windows does not display correct number of failed attempts. It displays zero number of failed log in attempts no matter how many times user fails to log on.Display information about previous log on attempts doesn’t work when RSA Agent Installed.|
It does not matter whether Password integration is enabled or disabled.
Result: RSA Agent changes the default Windows log on behavior and fails to provide correct interactive log on information event though there were unsuccessful attempts.
|Cause||The displaying of number of failed log in attempts during the log in process is a new feature and it was introduced in Windows 2008 and Windows 2012. Microsoft has introduced this new functionality and it requires making new calls to get this data.|
This issue has been reported in defect AAWIN-2148.
|Resolution||This issue has been resolved in build 72 for RSA Authentication Agent 7.2.1. Contact RSA Technical Support to obtain the most recent build for Windows Agent.|
Description of the two modes of agent log on processing:
The Do Not Preserve History (default) mode enables display of
descriptive authentication failure messages to users during logon
but does not preserve failed authentication history for display at
successful logon, when Windows is configured to show last interactive
The Preserve History mode returns a generic authentication failure
message in response to a failed authentication attempt during log on
but correctly shows the number of failed authentication attempts
within Windows last interactive log on information.
The two modes of agent execution are configured by a new GPO template,
This template is provided in the "Policy Templates" portion of the kit.
Install, with "gpedit.msc", the new gpo template.
Invoke the GPO for configuring our Agent. The presentation of choices
for Mode, are the following for response to:
Preserve Failed Auth History:
1. Do Not Preserve Auth History
2. Preserve History
To direct the agent to run in default mode:
Select "Do Not Preserve Auth History"
To correct the behavior described in the Jira defect:
Select "Preserve History"
Be sure to "Apply" selections.