000033560 - How to use Windows Password Integration with Offline Authentication on Window Agent

Document created by RSA Customer Support Employee on Jul 21, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000033560
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Agent for Windows
RSA Version/Condition: 7.2.1 or 7.3.1
Platform: Windows
O/S Version: 7 Professional (64 bit)
Product Description: RSA SID Access Virtual Appliance
IssueWindows Password integration and offline authentication are two features of the Windows Agent that operate pretty much independently but overlap in that the hashed Windows Password created by the agent user and stored in the RSA database is also stored in the offline day files database.
So if you change a Windows Password - which must be done online somehow in order for a Domain Controller to learn and accept it. If done from the Windows agent itself, This new Windows Password hash will be learned by SecurID Authentication Manager and stored in the Internal Database.  If offline days are refreshed, this new Windows Password hash will then be downloaded to the Windows Agent within the Offline Day Files database. So if you change a Windows Password, then go offline without refreshing offline days, the Offline authentication Windows Password integration will fail because the offline database will have the old Window Password hash.
TasksRefresh offline days after changing your windows password in order to download that new Windows Password hash to the offline days database for this user, so they can do Windows Password integration when offline.
ResolutionRefresh offline days, which might involve a new online login, and this will update the agent offline Windows Password integration for this user on this agent. Do not attempt to change the Windows Password a second time before refreshing OA days as it may cause temporary problems such as hanging or freezing of the Windows system.