Devices running Windows 10 or Windows 11 operating system crash on reboot the machine after RSA MFA Agent 2.3.x for Windows is installed
Originally Published: 2024-03-22
Article Number
Applies To
RSA Product/Service Type: RSA MFA Agent 2.3.x for Windows
Agent Version/Condition: 2.2.1, 2.3.x
Issue
With the release of RSA MFA Agent 2.2.1 for Windows and RSA MFA Agent 2.3.0 for Windows some customers reported operating system crashes when Windows Password Integration (WPI) is disabled and they had a third-party password management/rotation tool (e. g., Windows LAPS, Cyber Ark, etc.) installed on the agent machine. The agent goes into the WPI loop when it should not, and it was interfering with the third-party tool causing the operating system to crash.
Issue 2:
Another cause of the operating system crash is because of the unavailability of a registry key (Local Authentication Settings) and the values inside it (especially the ones which are mentioned below).
Resolution
The issue was fixed in RSA MFA Agent 2.3.0 HF1 for Windows and later RSA MFA Agent 2.3.1 for Windows.
Resolution for Issue 2:
Before rebooting the machine and after installing RSA MFA Agent 2.3.1 for Windows, open the registry and confirm that HKLM/Software/Policies/RSA Desktop/Local Authentication Settings exists.
If it exists, ensure that the GPO policy Specify logging options is enabled on the domain controller and that the registry keys have these values:
- EnableLogs
- Level, Rotation
- RotationFileSize
Normally the registry key/values will get inserted/updated once you do a gpupdate /force on the agent machine. In case the gpupdate /force command fails or displays any warnings, the registry key/values may not get updated. In all cases, verify that the above-mentioned registry entries are in place before rebooting the machine to avoid crashing the operating system after installing the agent. In machines that are not connected to the domain, the local GPO policy should have the Specify logging options set to Enabled and the option to Enable offline authentication is not set to Disabled.
The above-mentioned issue will be fixed in the upcoming patch release of MFA (MFA 2.3.2).
Related Articles
Disable multi-factor authentication (MFA) prompt for "Run as" on machine on which the RSA MFA Agent for Microsoft Windows … Number of Views Enable a web proxy for RSA MFA Agent for Microsoft Windows Number of Views Node secret mismatch error when authenticating with an RSA Authentication Agent for Windows when NetMotion is installed Number of Views Unable to Install/Upgrade RSA MFA agent for Microsoft Windows Number of Views Troubleshooting RSA MFA Agent for Microsoft Windows Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Release Notes for RSA Authentication Manager 8.8 Deploying RSA Authenticator 6.2.2 for Windows Using DISM Downloading RSA Authentication Manager license files or RSA Software token seed records
Don't see what you're looking for?
