SecurID® Knowledge Base
Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.
Article Number
000033643
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: Authentication Agent for Windows
RSA Version/Condition: 7.x
Platform: Windows
O/S Version: 2008 Server R2 Enterprise (64 bit)
RSA Product/Service Type: Authentication Agent for Windows
RSA Version/Condition: 7.x
Platform: Windows
O/S Version: 2008 Server R2 Enterprise (64 bit)
Issue
Windows Logon Options policy incorrectly displays the last logon time and number of failed logon attempts.
Logon always displays the current time instead of the last logon time, and always display zero failed logon attempts.
Last logon and failed logon info displays correctly if SecureID is uninstalled.
GPO:
Computer Configuration > Administrative Templates > Windows Components > Windows Logon Options
OR
User Configuration > Administrative Templates > Windows Components > Windows Logon Options
Image description
Logon always displays the current time instead of the last logon time, and always display zero failed logon attempts.
Last logon and failed logon info displays correctly if SecureID is uninstalled.
GPO:
Computer Configuration > Administrative Templates > Windows Components > Windows Logon Options
OR
User Configuration > Administrative Templates > Windows Components > Windows Logon Options
Image descriptionCause
This is a default behaviour with how the Auth Agent handles Failed authentications.
Resolution
Add the following Registry key:
- Create a DWORD value PreserveFailedAuthHistory under
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\RSA\RSA Desktop\Common Settings - Set the value to 1 to display information about previous logons.
Workaround
Another way is to used the attached GPO template and enable it to have the same effect.
In this article
