Configuring the Agent Host entry
You will first need to create an entry on the SecurID server for this SBR instance. You should select the Agent type: Net OS Agent and then configure it.
After adding and saving the new Agent Host, collect a fresh copy of the sdconf.rec file.
Configure SBR for SecurID
On the SBR server, you will need to copy the sdconf.rec file to the /Windows/System32 directory. Since for this article, SBR is installed on Server 2008 R2, you must copy the sdconf file to the /Windows/SysWOW64 directory.
Once this has been done, restart the SBR Process/Service and then launch the SBR Administrator. You should now see that SecurID(Legacy), SecurID are available as external authentication methods.
If you browse to Users -> SecurID, you should see that there is a default user called <ANY> present on the system. This is an alias which is created by default, basically it forwards all SecurID users to the SecurID server for authentication. You can delete this catch-all account and specify usernames if you prefer but, for now, leave the ANY user present.
In order for the Node Verification Secret to be created, you must perform the initial authentication via the SecurID User authentication method. You should now browse to Authentication Policies -> Order of Methods and move the SecurID User method to the top of the list on the right, as shown below:
At this point you are now ready to send the initial request to the SBR server which will then forward the request to your SecurID server. Upon successful authentication, the SecurID server and SBR will have a node secret present on the system. This can be confirmed using several methods. If you check the syswow64 directory of the SBR server, you will find that there is now two new files present, sdstatus.12 and securid. You can also check the Agent Host on the SecurID server and you should see that the "Node Secret Created" box is checked.
Now that the SBR server is registered with SecurID and the Node Secret has been created, you should now move the SecurID method to the active side and then move the SecurID User method to the inactive side. Your SecurID implementation is now complete.