Setup Guide
Table Of Contents
- 1 Introduction
- 2 iDRAC9 Configuration for RSA SecurID
- 3 RSA SecurID 2FA with Local Users
- 4 RSA SecurID 2FA with Active Directory Users
- 5 RSA SecurID 2FA with Generic LDAP Directory Users
- 6 Troubleshooting RSA SecurID Issues
- 6.1 Misconfiguration or iDRAC Configuration Gets Reset
- 6.2 Datacenter License Expires or Gets Downgraded or Deleted
- 6.3 Authentication Failures without being Prompted for RSA Passcode
- 6.4 Authentication failures with Correct RSA Passcode
- 6.5 Authentication Failures with Correct RSA Passcode due to Timeout
- 6.6 RSA Configuration gets lost after importing Server Configuration Profile
- Appendix A: Configure iDRAC Using RACADM
- Appendix B: References
RSA SecurID 2FA with Active Directory Users
ID 450
Logging into iDRAC UI with an AD user
Next, the user is challenged with RSA SecurID, you must get and enter the passcode displayed in the RSA
SecurID app for this specific AD user. You have three chances to enter the correct passcode. The same
lockout policy applies to AD user as well. For better security, the RSA AM server can be configured to
challenge a user with the “next token” after the configurable failed attempts occur. iDRAC will prompt user to
enter the next token after a correct passcode is entered and verified by the RSA AM server. The user then
must get the “Next Token” from RSA app.
RSA passcode required for the AD user