000032390 - How to install the same RSA SecurID Software Token 5.0 for Windows on different machines without re-importing it

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Feb 24, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000032390
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Software Token for Windows
RSA Version/Condition: 5.0
IssueUse case:
  • There are a pool of users and a pool of Windows machines.
  • The end user needs to be able to access the token for each individual user from any machine without re-importing each token on each machine. 
  • The home of the users on the server is set to a remote location, such as \\fileserver\users\%USERNAME%.
TasksHave one token imported per user on one Windows machine and have the token accessible for the user from any other Windows machine. 
ResolutionInstall the token RSA SecurID software token application on each server using the following properties: 
  • SETCOPYPROTECTION=FALSE to remove the binding of the token to the specific machine on which the token is imported; and thus to be able to find it on any other machine.
  • SETSINGLEDATASE=TRUE to remove the binding of the token to the specific user accessing the machine.  The installation is still secured as the token is stored in the home drive of each user and cannot be accessed by any other user.
  • SETDATABASEDIR=%AppData%\RSA to install the database containing the user’s software token to a location other than the default directory.
Notes:
  • The database location above is for the Roaming folder which is shareable, if a user changes his actual workstation.
  • The database location can be different if you want to put it on a shared drive, which is sort of a permanent but remote location, for example \\fileserver\users\%USERNAME%

Standard RSA SecurID Software Token desktop application


Type in the command shown below on one line:
msiexec /qn /i pathname\RSASecurIDToken500.msi /lv c:\install.log SETCOPYPROTECTION=FALSE 
SETSINGLEDATASE=TRUE SETDATABASEDIR=%AppData%\RSA

 

RSA SecurID Software Token with Automation


Type in the command shown below on one line:
msiexec /qn /i pathname\RSASecurIDTokenAuto500.msi /lv c:\install.log SETCOPYPROTECTION=FALSE 
SETSINGLEDATASE=TRUE SETDATABASEDIR=%AppData%\RSA

The token is imported once on a server.  When the token app is launched, the token is available without a need to re-import it.
NotesThis is a workaround for users who need to have access to their tokens from different locations 

Attachments

    Outcomes