on Nov 6, 2015Hi Guys,
I have a very simple and might be a silly question to ask.
I have been trying to figure out a way to add LDAP user into RSA Auth Mgr 8.1 without SW/HW Token. What I want is that temporary user enters his Active Directory username, password and PIN only. Is it possible to create a user like this?
I dont want to assign hardware and software token to temporary staff.
I came across Fixed Token Pass Code but it requires Offline Authentication Policy to be enabled. Am I going in right direction to implement this?
Thanks
Aleem Uddin
Hi Aleem,
maybe you can try to configure on-demand authentication to temporary
users. If you don't have a SMS gateway, you can configure to send ODA by
e-mail.
But... the odd part here is the authentication using AD username,
password AND a SecurID factor also. What happens is that if you
syncronize user passwords when installing RSA Authentication Agent in
Windows Server, then no AD password is asked. But if you don't sync,
users will be prompt for passcode and after AD password. You can choose
to sync all users except those users in a specified group. You can put
temporary users in a group and use this setting.
I hope this helps.
Cheers.
Alexander Couto
Information Security Specialist
Innovation
+55 21 3553.2848 ext. 410 (Office)
+55 21 99382.1149 (Claro)
+55 21 98772.1149 (Oi)
+55 21 98122-8661 (Tim)
+55 21 99822.7031 (Vivo)
alexander.couto@proof.com.br <mailto:alexander.couto@proof.com.br>
<http://www.proof.com.br/splunk-business-analytics/>
Em 09/11/2015 06:58, AleemUddin escreveu:
>
>
>