mailing list archives
SecurID with Active Directory ?
From: "Steven" <steven () lovebug org>
Date: Tue, 10 Jan 2006 11:39:00 -0500
Does anyone know of a product that will tie-in RSA's SecurID with Microsoft
Windows Active Directory? I want to require certain users to use their
pin+current token in order to authenticate to the Domain. However, the main
solution from RSA does not appear to provide a very good solution at all.
RSA for Windows authenticates against the RSA Authentication Manager and if
successful allows the client to then send the Windows password to the Domain
Controller. This kind of defeats the purpose of two-factor as they could
just login with their normal Windows password from a machine that doesn't
have the RSA software on it. Additionally, what if they want two-factor
across the board.. to include NetBIOS/SMB Shares/Webmail? Is there a
product that will tie into Active Directory and *only* and *always* accept
RSA SecurID pin+tokens for authentication?
This can easily be done *nix boxes, but I am having some trouble finding
something that will work on Windows.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/