[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] SecurID with Active Directory ?



Does anyone know of a product that will tie-in RSA's SecurID with Microsoft Windows Active Directory? I want to require certain users to use their pin+current token in order to authenticate to the Domain. However, the main solution from RSA does not appear to provide a very good solution at all. RSA for Windows authenticates against the RSA Authentication Manager and if successful allows the client to then send the Windows password to the Domain Controller. This kind of defeats the purpose of two-factor as they could just login with their normal Windows password from a machine that doesn't have the RSA software on it. Additionally, what if they want two-factor across the board.. to include NetBIOS/SMB Shares/Webmail? Is there a product that will tie into Active Directory and *only* and *always* accept RSA SecurID pin+tokens for authentication?

This can easily be done *nix boxes, but I am having some trouble finding something that will work on Windows.

Any ideas?

Thanks,

Steven


_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/