000020957 - How to protect machines running Microsoft Windows Server 2003

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000020957
Applies ToRSA ACE/Agent 5.2 for Web
RSA Authentication Agent 5.3 for Web
RSA ACE/Agent 5.6 for Windows
Microsoft Windows Server 2003
IssueHow to protect machines running Microsoft Windows Server 2003
Which RSA ACE/Agents work with IIS 6.0?
How to protect Web pages on IIS 6.0
ResolutionBoth RSA ACE/Agent 5.6 for Windows and RSA ACE/Agent 5.2 for Web work with Windows 2003. These agents may be downloaded from the RSA Security Web site at http://www.rsasecurity.com/node.asp?id=1174. The RSA ACE/Agent for Web 5.2 supports web access authentication on the Windows 2003 IIS 6.0 service,  RSA ACE/Agent 5.6 for Windows supplies protection for local and remote access.

NOTE: Citrix MetaFrame servers running on Windows 2003 servers do not require RSA ACE/Agent 5.2 because it does not require the Web access authentication feature of RSA ACE/Agent. Citrix MetaFrame Web interface has SecurID support built into it; therefore, RSA ACE/Agent 5.6 is required for all Citrix products. Please refer to implementation guide for Citrix page 5 for the details.

The following limitations exist with regard to RSA ACE/Agent 5.5 for Windows support for Microsoft Windows Server 2003:

- PCAnywhere and Citrix MetaFrame 1.8 are not currently supported on Microsoft Windows Server 2003, and therefore are not supported within RSA ACE/Agent 5.5 for Windows

- Usernames that contain the following characters: @ * ? , ; = + < > | : [ ] " \ / are not supported within Windows 2003 Active Directory, and therefore are not supported within RSA ACE/Agent 5.6 for Windows.

NOTE: When using a User Principal Name (UPN) this ruling only refers to the username portion of the UPN)

- When you use RSA ACE/Agent 5.6 with Windows Terminal Server in Windows 2003, even if you select "Use Standard Windows Authentication", the system presents users with a Windows login prompt as well as an RSA SecurID PASSCODE prompt, where a fully integrated solution is desired the SecurID for Microsoft Windows should be used

- To automatically register an RSA ACE/Agent 5.6 host to an RSA ACE/Server 5.2, you must use the Automated Agent Host Registration and Update (sdadmreg) utility provided with RSA ACE/Server 5.2, not the one provided with RSA ACE/Agent 5.6
Legacy Article IDa19662

Attachments

    Outcomes