000032864 - Unable to assign an RSA SecurID Software Token Binding ID to a software token in bulk in RSA Authentication Manager 8.1

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000032864
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.0, 8.1
IssueAdministrators distributing a large number of RSA SecurID software tokens for multiple users, where each user has their own device, the current form does not allow the administrator to enter multiple device IDs.
  1. Capture the DeviceSerialNumber values for multiple devices.
  2. In Security Console, assign software tokens to users
    1. Navigate to Authentication > SecurID Tokens > Manage Existing.
    2. Enter search criteria to bring back software tokens.
    3. Select the tokens to distribute.
    4. From the dropdown, select Assign to Users and click Go.
    5. On the Assign to Users page, select the users to whom you are assigning tokens. and click Assign.
  3. Navigate to Authentication > SecurID Tokens > Distribute Software Tokens in Bulk.  
  4. Choose option to distribute one of the following:
    • Software Token Files,
    • Dynamic Seed Provisioning Credentials or
    • Compressed Token Format Credentials.
User-added image

  1. Navigate to Authentication > SecurID Tokens >Software Token Profile.
  2. Select the correct software token profile from the list and click Next.
  3. Under Device Specific Attributes, the DeviceSerialNumber field contains a value.  Replace with the DeviceSerialNumbers captured in step 1.
User-added image

  1. Select a file protection option and click Next.
  2. Select software token(s) to issue.
User-added image

  1. Review the Job Summary and click Submit
User-added image

  1. While the job is listed on the In Progress tab, click Refresh.  
  2. When the job moves to the Completed tab, download Output File.
User-added image

  1. Once distributed, only the first user of the table with CTF can authenticate and subsequent users are failing to authenticate because device binding was done to the single device ID.
User-added image

ResolutionThis is considered to be functioning as designed.
The RSA SecurID Software Token Device Bind function is limited to a single device in the current version of RSA Authentication Manager 8.1. 
RSA Product Management is aware of this limitation and two requests for enhancement (RFE) have been raised.
AM-29846 for Authentication Manager and AMBA-54 for use with Authentication Manager Bulk Admin.