This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
KhwajaZiaulHasa
Beginner
Beginner
‎2016-04-04 06:03 AM

RSA SecurID Integration with OWA

Jump to solution

Hello,

 

When we protect the OWA with RSA SecurID, it challenges all users. Even if we select the "Enable Selective Users" from the IIS Agent it comes up with the default RSA SecurID Username and Passcode screen. It doesnot accepts the password in that screen for other users, for which we don't want to challenge.

Can you please let me know the steps to only challenge the users of a particular group and not all users?

 

Thanking You

Zia

Labels (1)
0 Likes
Reply
1 Solution

Accepted Solutions
KhwajaZiaulHasa
Beginner
Beginner
‎2016-07-21 09:26 AM

Jump to solution

The problem got solved. Actually although I was signed in with the Administrator user, still I was supposed to open the agent with "Run as Administrator".

Since I was not doing this, it showed that it is working but actually it didn't applied the settings. As soon as I did it with "Run as Administrator: it worked for me.

 

Regards

Zia

View solution in original post

0 Likes
Reply
4 Replies
PeterGeorge
Employee
Employee
‎2016-04-04 09:45 AM

Jump to solution

Hello Zia,

 

You need to enable challenge configuration to either a group of users, or challenge all except a group of users, through:

  1. Control Panel (the machine with the web agent) -> RSA Authentication Agent -> Advanced TAB
  2. Challenge configuration, choose the needed option
  3. Type in the group name that you either want to challenge or exclude from challenge

 

For all users, they will be seeing the RSA page page, and passcode, the difference is that upon entering the password for an unchallenged user, they will be able to login.

 

You can also check the Authentication Activity monitor on the Security Console for reference.

P. 55 of the Web Agent guide, in the .zip of the installer .zip of the installer​ contains further details of the process.

 

Best Regards,

Peter

0 Likes
Reply
YasmineDowidar
Respected Contributor Respected Contributor
Respected Contributor
‎2016-04-06 05:12 AM

Jump to solution

Hi Khwaja Zia ul Hasan​,

 

Did you find the response helpful?

 

Thanks,

Yasmine

0 Likes
Reply
KhwajaZiaulHasa
Beginner
Beginner
In response to PeterGeorge
‎2016-04-06 09:56 AM

Jump to solution

Yes I have tried to select a specific group. It is working fine for those users which are assigned the passcodes. But it is not allowing other users to login with Passwords. In just a second it gives the error: " 100: Access denied: The RSA ACE/Server rejected the Passcode. Please try again."

 

I also enabled Real time Activity Monitor, but no events are shown for login attempt.

 

I tried one more thing , that I removed one user from the Group which is to be challenged. Still it is allowing that user to login with the Passcode.

 

I think I am doing something wrong in Challenge Configuration. I have selected All Users In {Domain Name}\{Group Name}

 

Regards

Zia

0 Likes
Reply
KhwajaZiaulHasa
Beginner
Beginner
‎2016-07-21 09:26 AM

Jump to solution

The problem got solved. Actually although I was signed in with the Administrator user, still I was supposed to open the agent with "Run as Administrator".

Since I was not doing this, it showed that it is working but actually it didn't applied the settings. As soon as I did it with "Run as Administrator: it worked for me.

 

Regards

Zia

0 Likes
Reply
© 2022 RSA Security LLC or its affiliates. All rights reserved.