I've run into this with a few of our users (maybe 6 out of 70+ so far) on our Windows domain. I'll run the RSA agent installer and configure any options needed before reboot. After a reboot both their original Windows password login profile and the RSA SecurID PIN+passcode login appear for the same user. For all other users only the RSA login profile shows.
Nothing in Active Directory appears to be causing this; there are no group policies that affect only these specific user accounts or machines. The only thing I've seen that could be different is that on some of these with the dual logins, maybe all, the installer fails to shut down all actively running processes that need to close.
Could failing to stop running processes cause this? The only processes listed as open that seem to fail are things like Lotus/IBM Notes or the Carbonite backup client.