|Applies To||RSA Product Set: SecurID|
RSA Product/Service Type: RSA Authentication Agent for Web for IIS
RSA Version/Condition: 7.1.4 build 229 or later, 7.1.4
|Issue||How to increase the web agent timeout because users are asked to re-authenticate with their RSA tokencode every five to ten minutes.|
|Tasks||1. Create new Windows environment variable called ACE_AUTH_TIME_LIMIT.|
2. Set the value of this variable to the desired idle timeout greater than the default five minutes.
|Resolution||To create a new Windows environment variable called ACE_AUTH_TIME_LIMIT on the Windows 2012 server running the agent, |
- Open the Group Policy Management Console.
- Right-click the Group Policy object (GPO) that should contain the new preference item and click Edit.
- In the console tree under Computer Configuration or User Configuration, expand the Preferences folder, then expand the Windows Settings folder.
- Right-click the Environment node, point to New and select Environment Variable.
- In the New Environment Variable Properties dialog box, select an Action for Group Policy to perform.
- Create an environment variable named ACE_AUTH_TIME_LIMIT and set the value to 10 for a 10 minute idle time-out, 15 for 15 minutes, etc.
- Click the Common tab, configure any options, and then type your comments in the Description box.
- When done, click OK. The new preference item appears in the details pane.
- There are other ways to create environment variables in Windows, including right clicking properties on the Windows Computer icon or accessing the Windows Control Panel and selecting System and Security > System.
- Go to the Advanced tab and click the Environment Variables button.
- Under System Variables, click New to add a new system variable named ACE_AUTH_TIME_LIMIT with desired variable value.
- When done, click OK to exit.