We would like to have an exe wrapper created that connects to AA. The idea is that this wrapper would be able to protect any exe with 2FA. When a user tries to run the exe the NetIQ client (or other mechanism) pops up and requests 2FA. Upon successful validation of the user's credentials the exe is then executed. If the user fails to authenticate the exe is not executed.