|Applies To||RSA Authentication Agent 6.0|
Microsoft Windows Server 2003
Microsoft Windows Password Integration
Adding second Active Directory domain host to RSA Authentication Manager for two-factor authentication
|Issue||How to use single username to access more than one protected resource in RSA Authentication Agent 6.0|
In Active Directory domains, can RSA Authentication Agent remember different passwords for more than one domain?
User ID exists in two domains protected by RSA Authentication Agent. Can the user have a different password on both Domains and user Windows Password Integration?
|Resolution||If a user has the same username for more than one protected resource (e.g. for a local account on a protected computer and for a domain account on a protected domain controller) or for two different protected domains, password integration behaves as follows:|
- If the user's Windows passwords are the same, the RSA ACE/Agent prompts the user for an RSA SecurID passcode instead of the user's Windows password
- If the user has different Windows passwords for each account, RSA ACE/Agent remembers only the most recently used Windows password, and prompts the user to enter their other Windows password to access the second protected resource
- If DAC (domain access client ) and LAC (local access client) are installed on the same machine, the user's domain password and local password must be identical
|Legacy Article ID||a25652|