Troubleshooting RSA MFA Agent for MacOS
Originally Published: 2025-07-31
Article Number
000073543
Applies To

RSA ID Plus

RSA Cloud Authentication Service

RSA MFA Agent for MacOS 1.4.x and later

Issue

This article provides general troubleshooting steps for the RSA MFA Agent for MacOS (the MFA Agent).

Tasks
  1. Perform the Basic Troubleshooting steps when an issue arises.
  2. Perform the Advanced Troubleshooting steps to gather additional data about the problem.

The documentation references provided in this article are for RSA MFA Agent for MacOS v1.4.2, which is the latest version of that MFA Agent at the time of writing.

Equivalent documents for other supported versions are available on the RSA MFA Agent for macOS Documentation page.

Resolution

Basic Troubleshooting

  1. Ensure that you are running a supported version of the RSA MFA Agent for MacOS and any other RSA software.
  2. If you are not running the latest version of the RSA MFA Agent, check if the issue is fixed in a later version. See the "Fixed Issues" section in the Release Notes for the latest version on the RSA MFA Agent for macOS Documentation page.
  3. Ensure the Mac meets the System Requirements in "Chapter 2: Preparing for Installation" on page 16 of the RSA MFA Agent 1.4.2 for macOS Installation and Administration Guide.
  4. Check if the behaviour is normal and expected. Review the Known Behavior section on page 16, "Chapter 2: Preparing for Installation" of the RSA MFA Agent 1.4.2 for macOS Installation and Administration Guide.
  5. Refer to the Issues and Resolutions section in "Chapter 5: Troubleshooting" on page 54 of the RSA MFA Agent 1.4.2 for macOS Installation and Administration Guide.
  6. In the Cloud Administration Console, check the User Event Monitor and review all events around the time of the issue.
  7. Are the affected Mac computers managed by any Apple device management software, e.g. Jamf? If so, check that the device management software has not modified or removed any MFA Agent configurations in MacOS system files, such as system.login.console.
  8. If the issue persists, contact RSA Support to open a support case if you have not done so already.

Advanced Troubleshooting

The steps below collect detailed troubleshooting data about MFA Agent issues. Follow these steps for at least one computer that is encountering the issue, and send the collected data to RSA Support when a support case is opened, and when requested by RSA Support.

  1. Enable logging for the MFA Agent. See the Enable Logging section in "Chapter 5: Troubleshooting" on pages 58-59 of the RSA MFA Agent 1.4.2 for macOS Installation and Administration Guide. Set Log level to verbose.
    • Take note of the previous settings so that they can be restored later.
  2. If the user is not receiving push notifications when expected or any other RSA Authenticator app issues are occurring, enable Enhanced Log Connection in the app. See How to capture enhanced RSA Authenticator app logs for troubleshooting purposes.
  3. Follow the steps required to reproduce the issue. Note the date, time (with time zone) and user id of the attempt.
  4. Optionally, set MFA Agent logging back to the previous settings.
    • The Log File Count and Log File Size settings will ensure that verbose logs do not take up too much disk space. Verbose logging has no performance impact. Therefore, verbose logging can be left enabled for an extended time if needed to capture later examples of the issue.
  5. Send the following items to RSA Support:
    1. Date, time (with timezone) and user id when the issue occurred at step 4 above, plus any videos, photos, symptom description and error messages.
    2. MacOS version
    3. Selected Logs & Reports from the table below, depending on the nature of the issue.  RSA Support will advise which ones to send.
Logs & Reports | Instructions
RSA MFA Agent Logs | All files from the /Library/Application Support/RSA MFA Agent/Logs folder. We recommend compressing the Logs folder into a .zip file or similar to send to RSA.
CAS User Event Monitor | In the User Event Monitor, select Include Verbose Logs. Then, take screenshots or "print to PDF" of all events for the user's email address around the time the issue was reproduced at step 3 above. If there are no events displayed for the user, then do not filter by the user's email address (this will reveal any "user not recognized" issues). If no events at all were logged around that time, inform Support.
RSA Authenticator app | Logs from the user's RSA Authenticator app that was used at step 3. See How to capture enhanced RSA Authenticator app logs for troubleshooting purposes.
MacOS System Configuration | Run the following three commands from a command prompt (Terminal) on the Mac used in step 3 above, and send the output to RSA:

  • security authorizationdb read system.login.console
  • security authorizationdb read system.login.screensaver
  • sudo launchctl list | grep com.rsa.offlineauth.xpc.daemon
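
The collection in step 5 can be scripted so that each command's output is saved with a timestamp and exit status. This is an added example, not RSA tooling: the function names, output file names and the three arguments are assumptions, while the log folder path and the commands are the ones listed above.

```sh
#!/bin/sh
# Added example (not RSA tooling): gather the step 5 items into one folder.
# Function names, output file names and the three arguments are assumptions.
LOG_DIR="/Library/Application Support/RSA MFA Agent/Logs"   # path from the article

# Save a command's output and exit status; a failing command (rule missing,
# daemon not loaded) is recorded instead of stopping the collection.
capture() {
  out="$1"; shift
  rc=0
  {
    printf '# command: %s\n' "$*"
    printf '# captured: %s\n' "$(date '+%Y-%m-%d %H:%M:%S %z')"
    "$@" 2>&1 || rc=$?
    printf '# exit status: %s\n' "$rc"
  } > "$out"
}

# Compress a log folder into one archive; returns 1 if the folder is absent.
archive_logs() {
  [ -d "$1" ] || return 1
  tar -czf "$2" -C "$(dirname "$1")" "$(basename "$1")"
}

# collect OUT_DIR USER_ID "ATTEMPT_TIME_WITH_ZONE"
collect() {
  umask 077    # the bundle identifies users; keep it readable by the owner only
  mkdir -p "$1" || return 1
  printf 'user id: %s\nattempt time: %s\n' "$2" "$3" > "$1/attempt.txt"
  capture "$1/macos_version.txt" sw_vers
  capture "$1/authdb_console.txt" security authorizationdb read system.login.console
  capture "$1/authdb_screensaver.txt" security authorizationdb read system.login.screensaver
  capture "$1/launchctl_daemon.txt" sh -c 'sudo launchctl list | grep com.rsa.offlineauth.xpc.daemon'
  archive_logs "$LOG_DIR" "$1/rsa_mfa_agent_logs.tgz" ||
    echo "not found: $LOG_DIR" > "$1/logs_missing.txt"
}

# Run only on macOS and only when all three arguments are given.
if [ "$(uname -s)" = "Darwin" ] && [ "$#" -eq 3 ]; then
  collect "$@"
fi
```

The `sudo launchctl` step prompts for an administrator password, as the original command does.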