When I upgraded our Windows Agent from 7.3.3 to 7.4 there is no more RSA SecurID logo at login screen. How can I get that back? It was useful because our users knew they need to use RSA SecurID auth.
It is different in 7.4.x, and not something that can be switch back to the old-style....
The “Windows Tile” IS the RSA tile. 7.4 implements the v2 Credential Provider interface; in that implementation, LogonUI controls the image.
This is something that won't be able to be changed in 7.4 ...[to go back to the old v1 and 7.3.3.x look, exactly]
The most significant feature of RSA Windows agent 7.4 is implementation of Windows v2 Credential Provider v2 interface(s)This brings a significant change to the UI (details to follow)
v2 CredProvider interface(s) were introduced in Windows 8 / Server 2012“User-centric” Logon UI groups user credential(s) under a new user “tile/image”.
LogonUI – not RSA – “owns” the user image.
Allows customers to control the user image using standard Windows policies Not back-ported to Windows 7 / Server 2008 R2Implementing a v2 CredProvider DID NOT change the RSA SecurID authentication workflow.Authentication is ultimately performed by Windows using the Windows passwordAll a CredProvider does is provide credentials that LogonUI submits to WindowsThe Windows Agent requires that users must be SecurID authenticated before the credentials are submitted to Windows“SecurID authenticated” means thatChallenged users provide a valid OTP Unchallenged users are always SecurID authenticated
7.4 uses the smaller versions of the images used in 7.3Visible when multiple CredProviders are enabled in LogonUI
You need to use a Group Policy to specify the icon being shown. We have allowed additional customisation, hence the issue
RSA Authentication Agent 7.4 for Microsoft Windows Group Policy Object Template Guide
it's on Page 46 and following
Enable or Disable the Standard Windows Image for the RSA Credential Provider
Specify Custom Image to Replace RSA SecurID Image When a Handheld Authenticator Is Used
Hope this helps!
Tired that.. and it's not working..
I see the reply from Edward and appreciate the information, but how do we fix this? Cannot have my users that have been using a login box that says RSA and then expect them to keep entering RSA into one that now looks like a password login.
This has to have a better fix than this is how it is now...
Retrieving data ...