000021543 - RSA ACE/Server 5.2 Administration API documentation error regarding Sd_EmergencyAccessOTP

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000021543
Applies ToRSA ACE/Server 5.2 Administration API
Microsoft Windows 2000 Advanced Server SP3
Sun Solaris
IssueRSA ACE/Server 5.2 Administration API documentation error regarding Sd_EmergencyAccessOTP
A documentation error shows the parameters for this function in the wrong order - the apiuser.h is correct

The corrected documentation is shown below:



Function Prototype

intSd_EmergencyAccessOTP (char tokenSerial, int number, int length, int flags,

int lifeTime, char *dateExpire, int hourExpire, char *msgBuf, int bufSize);


Tcl Function Call

Sd_EmergencyAccessOTP tokenSerial [number] [length] [flags] [lifeTime] [dateExpire





Sets the status of a token (identified by a token serial number) to ?lost? and generates

a set of one-time passwords for the token. By default, this function returns a set of two

one-time passwords (default 6 digits). You can specify a larger number of passwords.

These are given to the user and can be used for authentication. The lifetime of the

one-time password can be defined in local time by using either the dateExpire,

hourExpire, or lifeTime parameters. (You cannot use Sd_EmergencyAccessOn to

generate fixed passwords for lost tokens. It generates one-time passwords only.)



Note: You can specify a greater number of one-time passwords to be generated, provided

the maximum of 50 such passwords on file for a single user is not exceeded. If you

request a number that will raise the total above 50, the request is automatically reduced to

a smaller number. To clear tokencodes generated through Sd_EmergencyAccessOTP,

call the Sd_EmergencyAccessOff function. To generate new tokencodes to replace the

ones you have cleared, call Sd_EmergencyAccessOTP again.





tokenSerial     Token serial number: must be 12 characters. Insert leading

zeros as needed to meet this requirement, for example,


number            Number of tokencodes to generate, (default is 2).

length              Length of the one-time password. The range is 4-8, and the

default is 6.

flags                 Settings for the following flags:

1 digits only

2 letters only

3 digits and characters only

4 punctuation only

5 digits and symbols only

6 letters and symbols only

7 letters, integers and symbols

lifeTime           Number of hours until emergency access mode expires

(default 24). RSA ACE/Server cannot accept one-time

passwords with expiration dates of more than 210,240 hours

(24 years). If the lifeTime argument is greater than 0,

dateExpire and hourExpire are ignored.

dateExpire      Expiration date of the one-time password.

hourExpire      Hour of expiration.

A ACE/Server 6.0 Administration Toolkit Reference Guide

Return Values

Values returned are OK (value 0) upon successful completion of function, or ERROR

(value 1) if an error condition exists.


Logged Events


Legacy Article IDa23370