NimbostratusI am trying to find a way to use RSA SecureID and still get SSO for AD resources on an APM webtop. My idea is to ask for both on login to the webtop and parse SecureID and then check AD and assign SSO mapping for resources once passed both checks.
But I am seeming to run into an interesting issue how would I be able to selectively assign passwords to different branches within VPE?
EmployeeHi,
To do this usually people will have three inputs on the logon page (username, password, and password_ad). You can then authenticate with AD/RSA using the inputs. The only issues is that the AAA objects only look for session.logon.last.password. To accommodate for this you will have them enter the RSA password in the password input and the AD password in the password_ad input.
After the logon page you will have the RSA auth then you will need a variable assign to assign session.logon.last.password_ad to session.logon.last.password. Next you will have AD Auth and SSO Mapping, etc.
-Seth