Hello RSA Support,
I am tasked with installing RSA Authentication Manager along with SecurID hardware tokens.
I am trying to implement MFA (PIN+tokencode) with MS Windows Active Directory Administrators only - not other users. I've been following along RSA Authentication Manager 8.4 Setup and Configuration Guide.
The following have been accomplished:
- the hardware tokens have been imported,
- identity sources added from our Windows domain and successfully linked,
- Administrators have been assigned SecurID tokens and enabled
The next steps to get the MFA portion operational with Active Directory are unclear. Is it required to install the Authentication Agent 7.4.3 along with GPOs on the Domain Controller? Does the agent also need to be installed on every workstation/device that the Administrators log into? The goal is to operate with the simplest configuration with least amount of additional software/services to be installed.
Any guidance or implementation guide would be appreciated.