This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RSA SecurID® Access Discussions

Browse the SecurID Access discussion board to get product help and collaborate with other users of SecurID Access.
MarkMalyj
Beginner
Beginner
‎2018-06-07 03:13 PM

what LAC agent version is deployed

Jump to solution

I have thousands of LAC agents, version 7.3.3.99. I am piloting an upgrade of 7.3.3.120. How do I determine whether an individual LAC agent has been upgraded?

 

I don’t see a version number on the RSA Security Console from the Access menu > Authentication Agents > Manage Existing > as in the screenshot WhereIsLACversion.PNG

 

WhereIsLACversion.PNG

Labels (1)
Labels
0 Likes
Reply
1 Solution

Accepted Solutions
JayGuillette
Contributor Contributor
Contributor
In response to MarkMalyj
‎2018-06-12 10:35 AM

Jump to solution

Could you check the properties on a .dll file through SCCM?

C:\Program Files\RSA\RSA Authentication Agent\Disconnected Authentication\DAsvcApiWrapper.dll is the offline API .dll file would have a file version that could be mapped to an agent version, compare to RSA Control Center Help Help about

LAC_OA_DLLs.png

View solution in original post

0 Likes
Reply
8 Replies
PiersB
Employee
Employee
‎2018-06-10 09:54 PM

Jump to solution

The agent version information for the Windows Agent is currently not maintained at the Authentication Manager. There are many products which can assist administrators in managing the versions of software installed in enterprise Windows deployments.

 

I believe it is also possible to silently deploy the Windows Agent via Group Policy and install a specific (and presumably up-to-date) version on your domain.

Reply
MarkMalyj
Beginner
Beginner
‎2018-06-11 12:27 PM

Jump to solution

OK, since the LAC agent version for each machine is not visible in RSA Security Console, I will ask our SCCM team to make different SCCM collections by agent version number.
But I am having trouble identifying the file that shows the agent version, like 7.3.3.120, in the file properties. All the files that I looked at in C:\Program Files\Common Files\RSA Shared or in C:\Program Files\RSA\RSA Authentication Agent have file versions like 8.5.3.120, which match the RSA Control Center version, not the RSA Authentication Agent (aka LAC agent) version 7.3.3.120.

What file do you recommend to be the marker that SCCM uses to determine the LAC agent version?

0 Likes
Reply
EdwardDavis
Employee
Employee
In response to MarkMalyj
‎2018-06-12 08:01 AM

Jump to solution

check registry ProductVersion. here I am running 7.3.3.123

 

HKEY_LOCAL_MACHINE\SOFTWARE\RSA\RSA Authentication Agent\CurrentVersion

 

pastedImage_1.png

Reply
MarkMalyj
Beginner
Beginner
‎2018-06-12 09:43 AM

Jump to solution

A registry marker for the LAC agent version is much more difficult as a basis for an SCCM collection, as you can see from "How to Use RegKeyToMof" http://be.enhansoft.com/post/2014/02/13/How-to-Use-RegKeyToMof.aspx. Our SCCM team does not do the RegKeyToMof approach. It is far easier for SCCM to inventory file properties. Isn't there a file somewhere that will show the LAC agent version? 

0 Likes
Reply
JayGuillette
Contributor Contributor
Contributor
In response to MarkMalyj
‎2018-06-12 10:35 AM

Jump to solution

Could you check the properties on a .dll file through SCCM?

C:\Program Files\RSA\RSA Authentication Agent\Disconnected Authentication\DAsvcApiWrapper.dll is the offline API .dll file would have a file version that could be mapped to an agent version, compare to RSA Control Center Help Help about

LAC_OA_DLLs.png

View solution in original post

0 Likes
Reply
MarkMalyj
Beginner
Beginner
In response to JayGuillette
‎2018-06-12 10:43 AM

Jump to solution

Yes, SCCM easily works with DLL file properties.... I saw that file already, it matches the RSA Control Center version (like 8.4.1.120) instead of the RSA Authentication Agent version (like 7.3.3.120). Tell me, does the RSA Control Center version *always* change when you upgrade the RSA Authentication Agent version? If so, we'll use DAsvcApiWrapper.dll as the marker for SCCM.

0 Likes
Reply
JayGuillette
Contributor Contributor
Contributor
In response to MarkMalyj
‎2018-06-12 10:50 AM

Jump to solution

Mark, 

I am not sure if there is an absolute relationship between the two numbers, but I know when Engineering questions the version we report in a bug (as in they already fixed a problem) this file is the tie-breaker, and I have seen a case where the .DLL did not get updated when an new version of the agent was installed, even though the RSA Control Center said the new version, the behavior of the agent was from a bug from a previous version, and we found an old DAsvcApiWrapper.dll on the workstation (I forget if it was in C:\Program Files\RSA\RSA Authentication Agent\Disconnected Authentication\ or in C:\Windows\System32, but it was where it should not have been)

So this file is a good choice to monitor for accurate Windows Agent version.

0 Likes
Reply
MarkMalyj
Beginner
Beginner
In response to JayGuillette
‎2018-06-12 10:56 AM

Jump to solution

OK, we'll use DAsvcApiWrapper.dll as our marker for SCCM, and we'll keep track of the version mapping between this file (like 8.4.1.120) and the LAC agent (like 7.3.3.120). Thank you everyone!

0 Likes
Reply
© 2020 RSA Security LLC or its affiliates.
All rights reserved.