|Applies To||RSA ACE/Agent 5.2 for Web|
RSA Authentication Agent 5.3 for Web
RSA ACE/Agent 5.6 for Windows
Microsoft Windows Server 2003
|Issue||How to protect machines running Microsoft Windows Server 2003|
Which RSA ACE/Agents work with IIS 6.0?
How to protect Web pages on IIS 6.0
|Resolution||Both RSA ACE/Agent 5.6 for Windows and RSA ACE/Agent 5.2 for Web work with Windows 2003. These agents may be downloaded from the RSA Security Web site at http://www.rsasecurity.com/node.asp?id=1174. The RSA ACE/Agent for Web 5.2 supports web access authentication on the Windows 2003 IIS 6.0 service, RSA ACE/Agent 5.6 for Windows supplies protection for local and remote access.|
NOTE: Citrix MetaFrame servers running on Windows 2003 servers do not require RSA ACE/Agent 5.2 because it does not require the Web access authentication feature of RSA ACE/Agent. Citrix MetaFrame Web interface has SecurID support built into it; therefore, RSA ACE/Agent 5.6 is required for all Citrix products. Please refer to implementation guide for Citrix page 5 for the details.
The following limitations exist with regard to RSA ACE/Agent 5.5 for Windows support for Microsoft Windows Server 2003:
- PCAnywhere and Citrix MetaFrame 1.8 are not currently supported on Microsoft Windows Server 2003, and therefore are not supported within RSA ACE/Agent 5.5 for Windows
- Usernames that contain the following characters: @ * ? , ; = + < > | : [ ] " \ / are not supported within Windows 2003 Active Directory, and therefore are not supported within RSA ACE/Agent 5.6 for Windows.
NOTE: When using a User Principal Name (UPN) this ruling only refers to the username portion of the UPN)
- When you use RSA ACE/Agent 5.6 with Windows Terminal Server in Windows 2003, even if you select "Use Standard Windows Authentication", the system presents users with a Windows login prompt as well as an RSA SecurID PASSCODE prompt, where a fully integrated solution is desired the SecurID for Microsoft Windows should be used
- To automatically register an RSA ACE/Agent 5.6 host to an RSA ACE/Server 5.2, you must use the Automated Agent Host Registration and Update (sdadmreg) utility provided with RSA ACE/Server 5.2, not the one provided with RSA ACE/Agent 5.6
|Legacy Article ID||a19662|