lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue Jan 10 16:39:10 2006
From: steven at lovebug.org (Steven)
Subject: SecurID with Active Directory ?

Does anyone know of a product that will tie-in RSA's SecurID with Microsoft 
Windows Active Directory?  I want to require certain users to use their 
pin+current token in order to authenticate to the Domain.  However, the main 
solution from RSA does not appear to provide a very good solution at all. 
RSA for Windows authenticates against the RSA Authentication Manager and if 
successful allows the client to then send the Windows password to the Domain 
Controller.  This kind of defeats the purpose of two-factor as they could 
just login with their normal Windows password from a machine that doesn't 
have the RSA software on it.  Additionally, what if they want two-factor 
across the board.. to include NetBIOS/SMB Shares/Webmail?  Is there a 
product that will tie into Active Directory and *only* and *always* accept 
RSA SecurID pin+tokens for authentication?

This can easily be done *nix boxes, but I am having some trouble finding 
something that will work on Windows.

Any ideas?

Thanks,

Steven

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ