000022770 - How to add a Macintosh machine to a domain using RSA SecurID authentication

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022770
Applies ToMacintosh
Domain Authentication Client (DAC)
RSA Authentication Agent 6.1 for Microsoft Windows
IssueHow to add a Macintosh machine to a domain using RSA SecurID authentication
RSA Authentication Agent 6.1 for Microsoft Windows is installed on all domain controllers. Domain authentication is enabled to challenge users in a group on  domain. Administrator cannot add a macintosh to domain. There is no DAC installed on Macintosh machine.
Microsoft Windows authentication fails from Macintosh machine
CauseInstalling RSA Authentication Agent on domain controller prevents any machine without Domain Authentication Client (DAC) from joining domain
ResolutionIn Microsoft Active Directory, select Computers:



Right click New > Computer:



Make sure there is no space in the hostname, and make sure the hostname does not exceed 15 characters:





In Active Directory, create a new group. This group can be used to exclude the computers on DC:



Add the member computers to exclude:



Add macintoshhost to groups:



On the domain controller, go into RSA Security Center:



Click Challenge Settings:



Select the exclude group:





Go into Advanced Domain Settings:



Now you are ready to add macintosh machine to the domain.
Legacy Article IDa30228

Attachments

    Outcomes