000021915 - How to use single username to access more than one protected resource in RSA Authentication Agent 6.0

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000021915
Applies ToRSA Authentication Agent 6.0
Microsoft Windows Server 2003
Microsoft Windows Password Integration
Adding second Active Directory domain host to RSA Authentication Manager for two-factor authentication
IssueHow to use single username to access more than one protected resource in RSA Authentication Agent 6.0
In Active Directory domains, can RSA Authentication Agent remember different passwords for more than one domain?
User ID exists in two domains protected by RSA Authentication Agent. Can the user have a different password on both Domains and user Windows Password Integration?
ResolutionIf a user has the same username for more than one protected resource (e.g. for a local account on a protected computer and for a domain account on a protected domain controller) or for two different protected domains, password integration behaves as follows:

- If the user's Windows passwords are the same, the RSA ACE/Agent prompts the user for an RSA SecurID passcode instead of the user's Windows password

- If the user has different Windows passwords for each account, RSA ACE/Agent remembers only the most recently used Windows password, and prompts the user to enter their other Windows password to access the second protected resource

- If DAC (domain access client ) and LAC (local access client) are installed on the same machine, the user's domain password and local password must be identical
Legacy Article IDa25652

Attachments

    Outcomes