Re: RSA AD Intergration

["Stephen W. Bradley" <bradlesw () MUOHIO EDU>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It sounds as though it is just a specific feature from RSA.  It may be that
the rest of two-factor authentication is still supported and it doesn't look
like it is set in stone yet.





steve



________________________________

From: James Moore [mailto:jhmiso () RIT EDU]
Sent: Monday, December 11, 2006 4:23 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] RSA AD Intergration



Can you help me what the issue is with dropping AD integration?  It seems
that would be a pretty big market.



Jim



________________________________

From: Rose, Ryan [mailto:Ryan.Rose () UNCO EDU]
Sent: Monday, December 11, 2006 2:39 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] RSA AD Intergration



All,



We have implemented RSA two-factor authentication to our AD controllers and
other domain servers.  We have implemented domain integration so activities
such as "run-as" are a token challenged activity.  We have been notified by
RSA that the domain integration component is under review and is tentatively
schedule to be removed (unsupported) 4th qtr 2007.  Is anyone else utilizing
RSA two-factor domain integration?  If so what is your migration plan if
they stop supporting the current integration component.  We have discussed
the option of moving to a client install on the server, but from an overall
accessibility standpoint this does not protect the run-as type of activity
from taking place by someone without a token.  I'm curious to hear how
others have implemented and what challenges you have faced.



Thanks in advance for the responses,



Ryan

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)

iD8DBQFFfpkdiCwky0/CC34RAiy9AJ90F6SGyXz6DETZxPN69pwwuGcPRACfV52y
gElodvwKnI4PECEqf190GCI=
=jZu+
-----END PGP SIGNATURE-----

Attachment: PGPexch.htm.asc
Description: