000015173 - AM 7.1 and APP 3.0: Token policy migrated from 6.X to 7.1 is forcing system generated pins to be used  not user generated pins as specified in the active realm token policy

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000015173
Applies ToSecurID Appliance 3.0
AM 7.1
 
IssueAM 7.1 and APP 3.0: Token policy migrated from 6.X to 7.1 is forcing system generated pins to be used, not user generated pins as specified in the active realm token policy
All user data was migrated using sddump from AM 6.1 to AM 7.1.  The migrated policy is showing as the default token policy, and explicitly calls out for user generated pins to be used.  When a user tries to change their pin in the UCM (https://<fqdn>:7004/console-ims), a system generated pin is sent, and the same behavior is true on every agent.
 
Resolution1) Make the initial default token policy active and insure that system generated pins is enabled
2) Delete all other token policies
This will correct the issue
 
Legacy Article IDa52452

Attachments

    Outcomes