Re: RSA AD Intergration

[James Moore <jhmiso () RIT EDU>]

Can you help me what the issue is with dropping AD integration?  It
seems that would be a pretty big market.

 

Jim

 

________________________________

From: Rose, Ryan [mailto:Ryan.Rose () UNCO EDU] 
Sent: Monday, December 11, 2006 2:39 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] RSA AD Intergration

 

All,

 

We have implemented RSA two-factor authentication to our AD controllers
and other domain servers.  We have implemented domain integration so
activities such as "run-as" are a token challenged activity.  We have
been notified by RSA that the domain integration component is under
review and is tentatively schedule to be removed (unsupported) 4th qtr
2007.  Is anyone else utilizing RSA two-factor domain integration?  If
so what is your migration plan if they stop supporting the current
integration component.  We have discussed the option of moving to a
client install on the server, but from an overall accessibility
standpoint this does not protect the run-as type of activity from taking
place by someone without a token.  I'm curious to hear how others have
implemented and what challenges you have faced.

 

Thanks in advance for the responses,

 

Ryan