This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
FrantzBoyer
New Contributor
New Contributor
‎2014-07-24 12:36 PM

How to authenticate with token to log in AM v8.1 Operations Console?

Jump to solution

Hi,

 

I'm using Auth Mgr v8.1 and administrators with Super Admin role must log into Security Console with their own SecurID token.

Apparently this is not possible for Operations console where Super Admin credentials are required for some actions (i.e. Radius Servers). In this case these administrators must also have a valisd password to access.

If they have both passord and token, they will able to log Security Console with passwords; this is not allowed accordingly with our best practices.

 

Any idea or solution?

 

Best regards,

 

Lark55

0 Likes
Reply
1 Solution

Accepted Solutions
RSAAdmin
Beginner
Beginner
‎2015-09-29 03:32 PM

Jump to solution

One way to restrict users to have passwords and authenticate to Security Console is to change de Authentication Method of Security Console.

 

First you need to have a Security Console user with Super Admin role that with a password set and no token, for example Admin2

 

After that you should change Security Console authentication settings. Probably by now you have something like:

 

RSA_Password/SecurID_Native

 

this will make authentication to Security Console available using password or the SecurID token (w/ or w/o PINs depends on your configuration of token policies) passcode.

 

You should change this to

 

SecurID_Native

 

this will allow only users with passcodes to access your Security Console.

 

This way you'll follow your best practices to authenticate to Security Console, and the Admin2 user will only be used inside Operations Console to authenticate to Security Console as needed. Admin2 will not be able to log on to Security Console web interface.

 

Hope this helps.

 

Cheers 🙂

View solution in original post

0 Likes
Reply
1 Reply
RSAAdmin
Beginner
Beginner
‎2015-09-29 03:32 PM

Jump to solution

One way to restrict users to have passwords and authenticate to Security Console is to change de Authentication Method of Security Console.

 

First you need to have a Security Console user with Super Admin role that with a password set and no token, for example Admin2

 

After that you should change Security Console authentication settings. Probably by now you have something like:

 

RSA_Password/SecurID_Native

 

this will make authentication to Security Console available using password or the SecurID token (w/ or w/o PINs depends on your configuration of token policies) passcode.

 

You should change this to

 

SecurID_Native

 

this will allow only users with passcodes to access your Security Console.

 

This way you'll follow your best practices to authenticate to Security Console, and the Admin2 user will only be used inside Operations Console to authenticate to Security Console as needed. Admin2 will not be able to log on to Security Console web interface.

 

Hope this helps.

 

Cheers 🙂

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.