Using PowerShell to Update Registry Keys for the MFA Agent for Microsoft Windows

2 years ago

Originally Published: 2024-05-30

Article Number

000072369

Applies To

RSA Product/Service Type: RSA MFA Agent for Microsoft Windows
Version(s): 2.x

Issue

In scenarios where the MFA Agent is installed on Windows machines lacking graphical user interfaces (e.g., Windows Core Servers), certain IT administrators may need to update the associated registry keys.

If Group Policy Objects are locally applied on the machine rather than being pushed from the Domain Controller, PowerShell commands offer a method to update the agent's GPOs.

Resolution

Log in to the Windows Core server.
Open Powershell by pressing 'Win + X', then select "Windows PowerShell".
Run the below PowerShell command to update the Reserve Password value:

Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\RSA\RSA Desktop\Local Authentication Settings" -Name "ReservePasswordHashedValue" -Value "<enter the Reserve Password Value>"

After running the command, you can verify if the registry key was updated successfully:

Get-ItemProperty -Path "HKLM:\SOFTWARE\Policies\RSA\RSA Desktop\Local Authentication Settings" -Name "ReservePasswordHashedValue"

Here's a demonstration of how to update the Reserve Password value and confirm the change using the provided PowerShell commands:

Notes

Similarly, you can update any registry key if the registry path and key name are known.

For example:

Set-ItemProperty -Path "<RegistryPath>" -Name "<KeyName>" -Value "<NewValue>"

Don't see what you're looking for?

Potential Impact from Salesforce Device Activation Change

Related Articles

Trending Articles