Submit a ticketCall us

Have You Auto Renewed? If not, you're missing out.
The SolarWinds Renewal Program comes with a host of benefits including the most recent product updates, 24/7 technical support, virtual instructor-led training and more. Experience all of this with the convenience of Auto Renewal, and never worry about missing any of these great benefits. Learn More.

Home > Success Center > Network Configuration Manager (NCM) > NCM and Two Factor Authentication for logging into a device

NCM and Two Factor Authentication for logging into a device

Table of contents

Updated April 15, 2016

Overview

This article provides brief information on the limitations of Two Factor Authentication for logging into a device via NCM.

Environment

All NCM versions

Detail

NCM cannot support Two Factor Authentication for logging into a device and Orion itself only supports Two Factor Authentication for logging into the Orion Web Console.

 

The authentication factors of a Two Factor Authentication scheme may include:

  • A physical object in the possession of the user, such as a USB stick with a secret token and such
  • Something known to the user, such as a username, password, PIN, TAN, etc.
  • Physical characteristic of the user (biometrics), such as a fingerprint, eye iris, voice, typing speed, etc

 

For the NCM application to log into devices, it is recommended to set up a service account for NCM to use and set up the devices in NCM to use that service account. The application itself cannot use a physical media of physical characteristics to act as a person.

 

Set up an authentication profile for NCM that is associated with a Cisco ACS (TACACS+).

Should be able to setup an  Access Service rule to allow the local ACS account to be processed before it ever hits the RSA authentication process.  (Recommend to speak with Cisco or the appropriate vendor for the device configuration).

 

Last modified

Tags

Classifications

Public