Submit a ticketCall us

AnnouncementsFace your biggest database issues head-on

Our new eCourse helps you navigate SQL Server performance blocks by teaching you how to recognize and deal with the three DBA Disruptors: Performance Hog, Blame Shifter, and Query Blocker. Register today to learn how to defend your environment and fend off menacing disruptions.

Register for your free eCourse.

Home > Success Center > Network Configuration Manager (NCM) > NCM - Knowledgebase Articles > NCM and Two Factor Authentication for logging into a device

NCM and Two Factor Authentication for logging into a device

Table of contents

Updated April 15, 2016


This article provides brief information on the limitations of Two Factor Authentication for logging into a device via NCM.


All NCM versions


NCM cannot support Two Factor Authentication for logging into a device and Orion itself only supports Two Factor Authentication for logging into the Orion Web Console.


The authentication factors of a Two Factor Authentication scheme may include:

  • A physical object in the possession of the user, such as a USB stick with a secret token and such
  • Something known to the user, such as a username, password, PIN, TAN, etc.
  • Physical characteristic of the user (biometrics), such as a fingerprint, eye iris, voice, typing speed, etc


For the NCM application to log into devices, it is recommended to set up a service account for NCM to use and set up the devices in NCM to use that service account. The application itself cannot use a physical media of physical characteristics to act as a person.


Set up an authentication profile for NCM that is associated with a Cisco ACS (TACACS+).

Should be able to setup an  Access Service rule to allow the local ACS account to be processed before it ever hits the RSA authentication process.  (Recommend to speak with Cisco or the appropriate vendor for the device configuration).


Last modified