TomMorgan (Customer) asked a question.
Does anyone know if there is a way in the RSA Challenge Group settings to exempt more than one group being challenged for RSA credentials? We exempt any user in the local admin group we would like to exempt others not in the local admin group.
I tried adding other users / groups separated by commas in the group name field but that did not work.
Windows MFA Agent 2.3.4 should be able to do this: "RSA MFA Agent 2.3.4 includes the following key features: You can specify an optional secondary group for the “Challenge Users” group policy.
You can use this policy to include groups from a separate Active Directory forest."