Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
UsmanShaikh
Beginner
Beginner

Setting Active Directory Password as RSA Token PIN

We have RSA Token PIN Policy set and in Use. Client Requirement to make Active Directory Password as Token PIN.

Is there a procedure for this ?? Please share the ideas to achieve this ?

0 Likes
3 Replies
EdwardDavis
Employee
Employee

Can't be done with the RSA Auth Manager software. Pin is max 8 characters and someone has

to set it manually or it is system generated, and system cannot pull AD password and make use

of it elsewhere.

 

AD password is used solely for access to one of the web interfaces if you allow ldap password as an auth method

for security console or self service console. 

0 Likes

Client has many web based and thin client based applications integrated with RSA AM for 2FA. Some are directly with RSA AM and Some are via RSA Access Manager.

 

Now they want to make AD password as First Factor and RSA Token code as second factor. There is no way to achieve this ?

Currently RSA AM identity Store is its internal DB. If we configure AD as RSA AM Identity Store can we achieve ?

0 Likes

Even using AD as an external identity store, the PIN for each token is kept in the internal database.

 

I have seen some customers create custom login pages for their apps to do both Windows Authentication using their network credentials and SecurID authentication with PINless tokens. 

0 Likes