
I have been configuring and testing RSA SecurID: I've set up the servers, integrated it into the LDAP directory, and so on. I have multiple hosts connected and working; however, I have been running into the following issue.

[shayne@db1 ~]$ sudo /opt/pam/bin/acetest
Enter USERNAME: shayne
Access denied. Name lock failed.
[shayne@db1 ~]$ sudo /opt/pam/bin/acetes

There is no information on this error ANYWHERE! *sigh*

Some people might find this funny, but I finally found the Authentication Monitor in the RSA Security Console; the whole thing is quite easy once you get your head around it :-)

After starting the Real-Time Authentication Monitor, it logged the following error:

Node secret mismatch: cleared on server but not on agent

At this point in time I had not set up any node secret at all. The ACE Admin Guide explains the following:

Best Practices for Automatic Delivery
If you use Automatic Delivery, which is the default setting, the Authentication
Manager automatically creates and sends the node secret to the Agent Host in
response to the first successful authentication on the Agent Host. The transmission
containing the node secret is encrypted with a key derived from the user’s passcode in
combination with other information.
• Windows Agents with a version of 4.4.0 or later store the node secret file in the
system registry.
• Windows legacy Agents (other than 4.4.0) store the node secret file in the
%SYSTEMROOT%\system32 directory.
• All UNIX Agents store the node secret file in the ACEDATA directory.
The default name of the node secret file is securid.
In the case of Automatic Delivery, capture of the node secret is possible if you are not
careful to control the circumstances in which the first authentication on each Agent
Host occurs.

So, with that in mind, I did the following:

[root@db1 bin]# cd /var/ace/
[root@db1 ace]# ls
sdconf.rec  sdstatus.1 securid
[root@db1 ace]# rm securid

I went back and tested the authentication and, BAM, it now works: “Authentication method success”.
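The same reset as a reusable script, added here as an example; it is not part of the original post and not RSA's own tooling. It assumes the UNIX agent layout quoted from the Admin Guide above (ACEDATA defaults to /var/ace, the node secret file is named securid, sdconf.rec marks a configured agent) and that the node secret has already been cleared for this agent host on the server side, which is what the monitor message says had happened. If the server still holds a node secret for the agent, deleting the file on the agent alone only swaps which side is out of step, so clear both. The script moves the stale file aside instead of deleting it, and adds a permission check, because a node secret file readable by other users is exactly the capture risk the guide warns about. Function names and return codes are this example's own.

```shell
#!/bin/sh
# Added example (not from the original post): reset a stale node secret on a
# UNIX SecurID agent so Automatic Delivery can re-create it on the next
# successful authentication.
# Assumed layout: $ACEDATA/sdconf.rec (agent config) and $ACEDATA/securid
# (node secret), ACEDATA defaulting to /var/ace as on the post's host.

# reset_node_secret [ACEDATA]
#   returns 0 - stale node secret moved aside (or none present)
#           1 - could not move the file
#           2 - ACEDATA is not a configured agent directory (no sdconf.rec)
reset_node_secret() {
    acedata="${1:-/var/ace}"
    if [ ! -f "$acedata/sdconf.rec" ]; then
        echo "no sdconf.rec in $acedata: agent not configured" >&2
        return 2
    fi
    if [ ! -f "$acedata/securid" ]; then
        echo "no node secret in $acedata; nothing to reset" >&2
        return 0
    fi
    stamp=$(date +%Y%m%d%H%M%S)
    # Keep a copy rather than rm: it records which secret the agent held
    # and can be restored if the server side turns out not to be cleared.
    mv "$acedata/securid" "$acedata/securid.stale.$stamp" || return 1
    chmod 0600 "$acedata/securid.stale.$stamp"
    echo "moved stale node secret to securid.stale.$stamp" >&2
    return 0
}

# check_node_secret [ACEDATA]
#   returns 0 - node secret present and not group/world readable
#           1 - node secret present but readable by others (capture risk)
#           3 - no node secret yet (first successful authentication not done)
check_node_secret() {
    acedata="${1:-/var/ace}"
    f="$acedata/securid"
    [ -f "$f" ] || return 3
    # Octal mode, e.g. 600 (GNU stat) with a BSD stat fallback; anything
    # with group/other bits set is rejected.
    mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")
    case "$mode" in
        *00) return 0 ;;
        *)   echo "WARNING: $f mode $mode is readable by others" >&2
             return 1 ;;
    esac
}
```

Run reset_node_secret as root, then perform the first authentication on the agent yourself (acetest, as above) so the new secret is delivered under circumstances you control; check_node_secret afterwards should return 0, and returning 3 means the delivery has not happened yet.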

You will notice that it has now auto-generated a new securid file :-) It is probably better to create a new node secret for each agent, but I'm just in the testing phase right now. Apart from a crap interface and a confusing setup process, it handles its intended job very well. Kudos to RSA.
