This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
RichardFisk
Beginner
Beginner
‎2018-01-05 12:34 PM

Users on Laptops are given Windows and RSA logon options

Hello.

I have an issue regarding user accounts and Windows Password vs. RSA token authentication.

All of my laptop users are given two options at the Windows logon screen. Both of these options list the users domainname\username in the account tile.

 

Tile Option 1: User is prompted for their Windows PASSWORD. If they enter their Windows password, they are able to logon. It specifically says password in the input box.

Example:

Domain\Username

Password

 

Tile Option 2: User is prompted for their PASSCODE. If they enter their RSA passcode, they are able to log on. It specifically says PASSCODE in the input box.

Example: 

Domain\Username

Passcode

 

Users should only be promoted for their PASSCODE. I do not have this issue with users working from Desktop machines. The same GPOs are applied to the desktop users and the laptop users, but the laptop users have this extra logon option.

Any thoughts would be appreciated. 

Labels (1)
Labels
0 Likes
Reply
2 Replies
_EricaChalfin
Employee (Retired) Employee (Retired)
Employee (Retired)
‎2018-01-10 11:24 AM

yv72UH91BBeqWUJFrFtbNkpl2HtwcbAWOwtz8dbqiGA=‌,

 

Are these desktop and laptop users accessing the same authentication agent?  If different, please compare the policies you have in place to see if they are the same.


Regards,

Erica

,

0 Likes
Reply
RichardFisk
Beginner
Beginner
In response to _EricaChalfin
‎2018-01-10 12:22 PM

Hi Erica.

The Desktop and Laptop users both use the same agent and receive the same GPO in Active Directory.

We are speculating that this may be due to a hibernation file on the machine. That when these laptops boot, a user profile is supplied that normally shouldn't be there.

We are performing some testing now.

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.