Home page logo

fulldisclosure logo Full Disclosure mailing list archives

SecurID with Active Directory ?
From: "Steven" <steven () lovebug org>
Date: Tue, 10 Jan 2006 11:39:00 -0500

Does anyone know of a product that will tie-in RSA's SecurID with Microsoft Windows Active Directory? I want to require certain users to use their pin+current token in order to authenticate to the Domain. However, the main solution from RSA does not appear to provide a very good solution at all. RSA for Windows authenticates against the RSA Authentication Manager and if successful allows the client to then send the Windows password to the Domain Controller. This kind of defeats the purpose of two-factor as they could just login with their normal Windows password from a machine that doesn't have the RSA software on it. Additionally, what if they want two-factor across the board.. to include NetBIOS/SMB Shares/Webmail? Is there a product that will tie into Active Directory and *only* and *always* accept RSA SecurID pin+tokens for authentication?

This can easily be done *nix boxes, but I am having some trouble finding something that will work on Windows.

Any ideas?



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]