Configure Security Console Authentication Methods

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Jun 13, 2017
Version 2Show Document
  • View in full screen mode

Use this procedure to configure the authentication method an administrator must use to access the Security Console. For example, you can add security by requiring administrators to present an RSA SecurID passcode before they can access the Security Console.

Procedure 

  1. In the Security Console, click Setup > System Settings.

  2. Under Console & Session Settings, click Security Console Authentication Methods.

  3. In the Console Authentication field, enter the authentication method(s) that administrators must use to log on to the Security Console. If you enter multiple authentication methods, use an available operator to create a valid expression. For example:

    • To require an RSA password or LDAP password, enter RSA_Password/LDAP_Password.

    • To require both an RSA SecurID passcode and LDAP password, enter SecurID_Native+LDAP_Password.

    • To require an RSA password, enter RSA_Password.

    • To require an LDAP password, enter LDAP_Password.

    • To require an RSA SecurID passcode, enter SecurID_Native.

    If you enter an authentication method that is stronger than the current method, you are logged off and must authenticate with the new credential. For instance, if the original method was RSA_Password/LDAP_Password and you enter (RSA_Password/LDAP_Password)+SecurID_Native, you are logged off from the Security Console and must authenticate with an RSA Password or an LDAP Password, and an SecurID passcode. If you enter a method that is not stronger than the current method, the change only affects new authentication attempts.

  4. (Optional) For Non-Unique User IDs, select Identical User IDs may exist in more than one identity source if you want to allow the same User ID to exist in more than one identity source. This can be useful if you have multiple identity sources that contain names for different types of users.

    Suppose that you have one identity source for employees and one for clients. This option allows identical User IDs that exist in both identity sources to be managed by the system, for example, if you have an employee with the User ID jsmith and a customer with the User ID jsmith.

  5. (Optional) For LDAP Password, select Enable LDAP Password authentication method to enable the LDAP password as an authentication method.

  6. Click Save.

  7. Select Yes, update authentication methods.

  8. Click Update Authentication Methods.

Related References

Log Configuration Parameters

 

 


Attachments

    Outcomes