This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
NicanorPulido
Occasional Contributor
Occasional Contributor
‎2021-10-06 03:09 PM

Windows MFA Agent - Auth Manager Integration

Hi team,

with the MFA Windows Agent, it is not clear to me what is the value that should be used in the "Agent Name" attribute. It is clear that it must be the same value that is created as an Agent in the AM Security Console, but, in a massive deployment, how can it be automated?

With the traditional agent, there is an autoregistration option, in which the Agent "enrolls" with the server, but I cannot find any similar option with the MFA agent.

Many thanks for your clarification.

0 Likes
Reply
3 Replies
RobertG
Frequent Contributor Frequent Contributor
Frequent Contributor
‎2021-10-06 03:26 PM

Hello NicanorPulido,

For REST protocol authentication agents, which the MFA Agent is one, a single authentication agent record can represent multiple machines that have the agent installed. So you can have the agent installed on multiple machines, use the same authentication agent name for each one, and configure just one authentication agent in the Security Console with the same name.

Reply
RussCSwartz
New Contributor
New Contributor
In response to RobertG
‎2022-01-05 01:52 PM

When configuring that authentication agent record on the Security Console, what do you do about the IP addresses. Do you add one for each of the servers with the same name? Or is this part of the process automated? 

0 Likes
Reply
RobertG
Frequent Contributor Frequent Contributor
Frequent Contributor
In response to RussCSwartz
‎2022-01-05 04:35 PM

Russ,

The only field that you need to define in the Authentication Agent record for the MFA Agent for Windows is the "hostname" field. You can leave the IP Address field blank. For this record for the MFA Agent, the hostname field does not have to be set to a "real" hostname: it just needs to match up with the Authentication Agent name set in the GPO settings for the agent.

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.