000019230 - How to allow Microsoft Internet Authentication Service (IAS) to pass requests to both RSA ACE/Server 5.x and Active Directory

Document created by RSA Customer Support Employee on Jun 15, 2017
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000019230
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: ACE/Server
RSA Version/Condition: 5.1, 5.2
Platform: Microsoft Windows Server 2003
Platform (Other): Microsoft Internet Authentication Service (IAS)
IssueThis article provides information on how to allow Microsoft Internet Authentication Service (IAS) to pass requests to both the ACE/Server and Active Directory.
In some instances, there is a requirement to have RADIUS authentication requests sent to more than one server to allow different types of checks or results to be returned.
ResolutionIt is possible to use the Microsoft IAS to split authentication from authorization. Details about how this may be achieved can be found in the Microsoft documentation on Connection Request Policies.
NotesThis is an available solution from Microsoft, thus queries about it should be addressed to Microsoft. The solution presented may not be suitable for all possible scenarios with RSA SecurID but gives an indication as to the flexibility and integration which may be achieved.
Legacy Article IDa20521