We have an RSA token PIN policy set and in use. The client's requirement is to make the Active Directory password the token PIN.
Is there a procedure for this? Please share ideas for achieving this.
Can't be done with the RSA Auth Manager software. The PIN is max 8 characters and someone has to set it manually or it is system generated, and the system cannot pull the AD password and make use of it elsewhere.
The AD password is used solely for access to one of the web interfaces if you allow LDAP password as an auth method for the Security Console or Self-Service Console.
The client has many web-based and thin-client-based applications integrated with RSA AM for 2FA. Some are integrated directly with RSA AM and some via RSA Access Manager.
Now they want to make the AD password the first factor and the RSA token code the second factor. Is there no way to achieve this?
Currently the RSA AM identity store is its internal DB. If we configure AD as the RSA AM identity store, can we achieve this?
Even using AD as an external identity store, the PIN for each token is kept in the internal database.
I have seen some customers create custom login pages for their apps to do both Windows Authentication using their network credentials and SecurID authentication with PINless tokens.