Windows Agent on non-Domain joined server


I have set up a Windows Agent (7.4.2) on a non-Domain joined Windows server and have tested authentication using the RSA Control Center. During the testing I used domain accounts and successfully authenticated using a Hardware token, the Authenticate tokencode and Push.


Since the server doesn’t belong to a domain, I assume I must set up an account in the AM database. I also assume it would have to be a unique UserID that matches the name of the local Windows account.

Can you confirm that this is how I’d do this?


Now, what about the cloud service? Since I don’t have that user in an LDAP source that the IDR can see, I further assume that I would only be able to use hardware and traditional software tokens.


Additionally, the mobile Authenticate app can only have one user associated with it, so even if I did add these users to an LDAP store somehow, users who needed to log into this Windows agent would need two devices.

To recap, my questions are:


  1. Do I have to create unique accounts in the AM database for each user on the non-domain joined Windows Servers?
  2. Is there any way for these users to use the Authenticate mobile app?
  3. If there is a way to do this, how do I get around the “one device per user” restriction?

Thank you

