So we have RSA Security ID Auth manager 7.1 and it's components. According to one tech at RSA in order to setup the use of on demand tokens with Junos pulse version 2.1 everything is done on the RSA side. That seems incorrect and there must be configuration settings on the Juniper side. We have a MAG-SM160
Does anyone have this setup and working? I did get some docs for setup but they were for pulse 3.0. Any and all help is greatly appreciated. The goal is for the login from the Junos pulse with user id and RSA pin to trigger the on demand creation.
We are imlementing Mi-Token on SA using Pulse but we do have an RSA setup on SSG that we are phasing out so I'm a bit familiar with RSA and the SA when it comes to handling tokens.
It makes sense to me that the RSA would handle the token assignment as you are telling the SA to pass the authentication information to the RSA server.
This is how the Mi-Token setup works.
I could hand out a sack of tokens to users and the SA takes the username, password, and token code and passes it off to the authentication server which records 'token1 is user X, token2 is user Y', etc.
I would expect the RSA configuration to be similar as RSA would just have to be told to handle/expect auto-assignment with tokens as the SA should not care/need config for this.
On-demand meaning I hand out a sack of tokens and do not pre-provision the tokens for users ahead of time - token1 to userX, token2 to userY, etc.