macOS administrator locked out due to RSA MFA Agent for macOS misconfiguration
Originally Published: 2020-06-24
Article Number
Applies To
RSA Product/Service Type: MFA Agent for macOS
RSA Version/Condition: 1.x
Issue
Cause
Workaround
- SSH to the macOS machine using an administrator account and edit the agent settings at /Library/Preferences/com.rsa.mfaconfig.plist. Options include setting disableCASforUnknownUser=true or enableCAS=false.
- SSH to the macOS machine using an administrator account and uninstall the RSA MFA Agent for macOS by running the following command:
sudo /Library/Application Support/RSA MFA Agent/UninstallRSAmacOSAgent.sh
- Sync the administrator (using sAMAccountName or equivalent) from your identity source to the Cloud Authentication Service and have the admin user register a mobile device. This will allow the administrator to meet the additional authentication requirement enforced by the RSA MFA Agent for macOS.
Related Articles
RSA MFA Agent 2.0 for macOS Installation and Administration Guide Number of Views RSA Announces the Release of RSA MFA Agent 2.0 for macOS Number of Views Troubleshooting RSA MFA Agent for MacOS Number of Views PKInstallErrorDomain Code=112 seen when installing RSA MFA Agent for Mac 2.0 .pkg on MacOS 26.0.1 Number of Views RSA Announces the Release of RSA SecurID Software Token 4.2.1 for Mac OS X Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA MFA Agent 2.4 for Microsoft Windows Installation and Administration Guide Downloading RSA Authentication Manager license files or RSA Software token seed records Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Release Notes for RSA Authentication Manager 8.8
Don't see what you're looking for?
