Thanks!
This is a FirePass migration to APM - so this was a non-issue on the FirePass as several have stated before.
When I use an Admin account with the AD Password it fails at RSA Authentication.
When I use an Admin account with RSA SecurID it authenticates without issue
My thought process was as such (also compiled from several other threads here)
User logs in with Password, or Passcode
It authenticates where needed
AD Query leads to AD Group Assign
- Several Network Access groups are assigned to this customer - hence the AD Group Assign is needed.
My thinking was that using the variables, I would need to get the Passcode back to a Password in order for the query to happen - and assign the correct network access.