|Applies To||RSA Product Set: SecurID|
RSA Product/Service Type: Authentication Manager, RSA SecurID Tokens
|Issue||RSA support fields many questions regarding RSA Authentication Manager licenses and RSA SecurID tokens. Sometimes a new user license is purchased to increase the number of active users allowed, but additional tokens are not purchased. This means that although there is an increased active user limit, there are no free tokens to assign. In the reverse, users have purchased more hardware or software tokens, but not increased their active user limit. New tokens are imported to the database but cannot be assigned because the license is limiting the number of active users.|
This article provides detail on the differences between RSA SecurID tokens (both hardware and software) and a license for RSA Authentication Manager. We also discuss what must be purchased to increase the number of users with tokens in your deployment.
|Resolution||When making a new purchase for either RSA SecurID hardware or software tokens or additional user licenses, be mindful that tokens and licenses are separate purchases. When working with your RSA sales rep or reseller, be sure to state that you want tokens, license or both. This prevents confusion and any delay in getting files to you.|
|Notes||The RSA Authentication Manager license shows the maximum number of users that can have tokens assigned. Despite the Limit value for a license, there can be millions of users in the database and millions of token seeds imported. The Actual value increases by one when one or more authenticators are assigned to a user.|
Authenticators can be any combination of hardware tokens, software tokens, RBA/ODA, and fixed passcode (maximum of one fixed passcode), with a maximum of three per user, by default.
RSA Authentication Manager licenses are imported into the system using Setup > Licenses > Add New.
IMPORTANT LICENSING NOTES
Import RSA SecurID token seed records to the deployment by browsing to Authentication > SecurID Tokens > Import Tokens Job > Add New.
For information about decrypting an RSA SecurID token pack so it can be imported into the Security Console, go to 000029318 - Information on the RSA SecurID protected delivery program and how it will impact the token record media decryption process for customers.