This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
PaulVaughan3
Beginner
Beginner
‎2016-06-14 04:10 PM

Separate Offline Authentication Policy

Customer wants to enable offline authentication on all of their laptops.  The offline authentication policy (system domain)is set at the default of 14 and 7 and they want the laptops to have at least 30 days or more.  I'm thinking they need a new security domain for the laptops which will have a different offline authentication policy but I can't figure out how to automatically get the laptops into the new security domain.

0 Likes
Reply
3 Replies
JayGuillette
Apprised Contributor Apprised Contributor
Apprised Contributor
‎2016-06-14 05:00 PM

If the only agents needing offline are laptops (usually the case) and they all want 30 days of offline data, you could just edit the existing policy.

Second, if you have a group or subset of laptops that need 30 days OA data, and you want to keep the default policy at 14 days for whatever reason, you could just create a second OA policy and use it for those laptops.  Final approach would be more complex, create new security Domain, put laptops in that security Domain, then create this new OA policy just applying it to that Security Domain.  This is more complex approach, so assess whether you really need it.

0 Likes
Reply
PaulVaughan3
Beginner
Beginner
In response to JayGuillette
‎2016-06-14 05:07 PM

Thanks Jay. They do want to keep the offline authentication policy at 14 days for all and a separate policy for the laptops.

 

Is there a way to modify auto registration to use different security domains, one for the laptop OU and one for everything else?

0 Likes
Reply
HusseinElBaz
Employee
Employee
In response to PaulVaughan3
‎2016-06-15 03:52 AM

Hello Paul,

 

We can create a new security domain from Security Console > Administration > Security Domains > Add New.

 

During adding the security domain you will be able to set the policies applied to the security domain.

 

So kindly check and advise us back if there is any assistance needed from our side.

 

Best Regards,

0 Likes
Reply
© 2022 RSA Security LLC or its affiliates. All rights reserved.