Hi Team,
We have enabled ODA in our environment, for some users ODA is not getting delivered.
we could not see any entries for users in our SMS provider vendor. could some one please help me where can I get the user authentication log.
want to monitor in real time when user tries to login whether it is coming to RSA or not.
I have checked the authentication monitor but could not find any.
If you click the Sherlock Holmes Magnifying glass icon in the top right, you can search for How to troubleshoot ODA
The top hit is a KB, 29925, which explains how to start some TCPDump network packet captures, one for Authentication Requests, the second filtered on SMTP and SMS deliveries. If you have a replica you should do both traces there too, so 4 traces. Then, you can watch for the Authentication request, where user enters PIN on an agent. Correlate to Authentication Monitor, so you see the ODA PIN request for an ODA TokenCode. Then you cna look at both imsTrace logs and the SMTP/SMS packets, which are readable, to actually see if an ODA tokencode was sent, and where too. Once you have this packet capture, you can yell at your SMS or SMTP server group for not delivering it.