This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
AleksMarfunenko
Beginner
Beginner
‎2016-08-30 07:36 AM

enable Windows logon without SecurID

Jump to solution

Hi,

i decided to open separate topic regarding AuthAgent for Windows. Client OS is Windows 10 x64.
After an installation of AuthAgent it let me to login only with SecurID. But it doesn't work...

Therefore i decided to disable SecurID and let users to login with their Usernames and passwords. But it doesn't work as well. I did this via GPO:

 

 

This GPO is applied to test computer, but user still required to use SecurID.
How i can disable SecurID for the Windows logon?

Labels (1)
Labels
0 Likes
Reply
1 Solution

Accepted Solutions
HusseinElBaz
Employee
Employee
‎2016-08-30 07:46 AM

Jump to solution

Hello  Aleks,

 

Kindly be advised that you will have to change the challenge settings from the RSA control center where the RSA Windows Agent installed, and then go for Advanced Settings -> Challenge settings, then change that to None for example.

 

So kindly check and advise us back if there is any assistance needed from our side.

 

Best Regards,

View solution in original post

0 Likes
Reply
6 Replies
HusseinElBaz
Employee
Employee
‎2016-08-30 07:46 AM

Jump to solution

Hello  Aleks,

 

Kindly be advised that you will have to change the challenge settings from the RSA control center where the RSA Windows Agent installed, and then go for Advanced Settings -> Challenge settings, then change that to None for example.

 

So kindly check and advise us back if there is any assistance needed from our side.

 

Best Regards,

0 Likes
Reply
AleksMarfunenko
Beginner
Beginner
In response to HusseinElBaz
‎2016-08-30 08:32 AM

Jump to solution

Hello Hussein,

 

you don't believe me, but actually logon with Windows Password works good. You suggested me this in another topic.

I just expected some changes on logon screen. Now it looks:

 

I expected this:

0 Likes
Reply
HusseinElBaz
Employee
Employee
In response to AleksMarfunenko
‎2016-08-30 08:39 AM

Jump to solution

Hello Aleks,

 

So that means that the challenge settings are not working, so please try to change that from RSA Control Center where the RSA Windows Agent installed, and then go for Advanced Settings -> Challenge settings, and change that so we can challenge the user that we wants to authenticate with.

 

So kindly check and advise us back if there is any assistance needed from our side.

 

Best Regards,

0 Likes
Reply
JayGuillette
Apprised Contributor Apprised Contributor
Apprised Contributor
‎2016-08-30 09:46 AM

Jump to solution

One of the later Microsoft Windows updates from Aug2016 to Win10 breaks RDP from that Win10 box to any other Windows box if the SecurID agent is installed and that user is RSA challenged.  So this might be related, KB attached.  If possible could you run the RSA Real Time Authentication Monitor and get verbose agent logs during the problem?

Security Console - Reporting - Real Time Monitors - Auth Monitor

pastedImage_2.png

 

On Agent (might need to boot safe mode or break in - but you could create a challenge group with one user in it) in the RSA Control Center - Advanced Tools - Tracing, check all boxes.

pastedImage_1.png

Preview file
276 KB
0 Likes
Reply
JayGuillette
Apprised Contributor Apprised Contributor
Apprised Contributor
In response to JayGuillette
‎2016-08-30 09:52 AM

Jump to solution

Basically what we would look for here is if nothing is showing in the Server Real Time Monitor, as you reported earlier, the main reason would be nothing was sent or is getting to the AM server.  Since Test Auth works, it would not likely be a network or firewall issue.  Most often it is a challenge setting, but with the stuff we are seeing lately from Windows 10 updates, Microsoft appears to be tightening access to the network or LAN through security settings, so Win10 could be blocking the auth request.  Looking in the local Agent logs will show if user is challenged, if auth request was sent, even auto-reg and offline information.  If we see something that looks like a challenged user was blocked from accessing the network, we might need to look at Event logs too.  Regards,

0 Likes
Reply
AleksMarfunenko
Beginner
Beginner
In response to JayGuillette
‎2016-08-30 09:55 AM

Jump to solution

hi Jay,
i have no problem. i just didn't configure RSA SecurID properly.

But thank you for the KB.

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.