000032390 - Installing the same RSA SecurID Software Token 5.0 for Windows on different machines without reimporting

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support on May 20, 2020
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000032390
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: SecurID Software Token for Windows
RSA Version/Condition: 5.0.x
IssueUse case:
  • There are a pool of users and a pool of Windows machines.
  • The end user needs to be able to access the token for each individual user from any machine without reimporting each token on each machine. 
  • The home of the users on the server is set to a remote location, such as \\fileserver\users\%USERNAME%.
TasksHave one token imported per user on one Windows machine and have the token accessible for the user from any other Windows machine. 
ResolutionInstall the RSA SecurID software token application on each server using the following properties: 
  • SETCOPYPROTECTION=FALSE to remove the binding of the token to the specific machine on which the token is imported; and thus to be able to find it on any other machine.
  • SETSINGLEDATABASE=TRUE to remove the binding of the token to the specific user accessing the machine.  The installation is still secured as the token is stored in the home drive of each user and cannot be accessed by any other user.
  • SETDATABASEDIR=%AppData%\RSA to install the database containing the user’s software token to a location other than the default directory.

  • The database location above is for the Roaming folder which is shareable, if a user changes his actual workstation.
  • The database location can be different if you want to put it on a shared drive, which is sort of a permanent but remote location, for example \\fileserver\users\%USERNAME%

Standard RSA SecurID Software Token desktop application

Type in the command shown below on one line:

msiexec /qn /i pathname\RSASecurIDToken500.msi /lv c:\install.log SETCOPYPROTECTION=FALSE


RSA SecurID Software Token with Automation

Type in the command shown below on one line:

msiexec /qn /i pathname\RSASecurIDTokenAuto500.msi /lv c:\install.log SETCOPYPROTECTION=FALSE

The token is imported once on a server.  When the token app is launched, the token is available without needing to reimport it.
NotesThis is a workaround for users who need to have access to their tokens from different locations.