SecurID® Discussions

Jessa
Contributor

REST Protocol Auth. Agents - Multiple Hosts and creating a single host record.

Hi all - 

I'm currently testing out getting the MFA agents working in my environment and I have noticed some conflicting documentation as well as a lack of guidance on how to specifically create a host record for multiple hosts. 

When a new Agent record is added it requires a hostname (RSA recommends a FQDN). Does this mean that the first host I create a record for, I can use for all future installs? So the GPO Template section for RSA Auth. Manager Agent Name = the single host record I first created? 


Accepted Solutions
RobertG
Frequent Contributor

For REST-protocol authentication agents, a single authentication agent record in Authentication Manager can represent multiple machines that have the agent installed. So you could have the agent installed on multiple machines, use the same Authentication Agent Name set in the GPO settings of the agent for each machine, and configure just one authentication agent in the Security Console with the same Authentication Agent Name set in the "Hostname" field. The hostname field in the authentication agent record and the Authentication Agent Name GPO setting does not have to be set to a "real" hostname: the name just needs to match on both sides.

"Authentication Agent Name GPO setting does not have to be set to a "real" hostname: the name just needs to match on both sides." 

- This was exactly where I ended up yesterday, and when I tested that out it worked like a charm. The 'resolve to IP' threw me off as I assumed it would fail if I created a FQDN that was not 'real', but it just warned me. Thanks for your help.
