If some RSA Authentication Manager users are unable to use RSA SecurID Authenticate Tokencodes, you can run a command line utility that enables Authentication Manager users to use Authenticate Tokencodes.
Before you begin
- The following Authentication Manager credentials are required:
- The rsaadmin password.
- RSA Authentication Manager Super Admin privileges.
- If you are provisioning a large number of users, you can create a CSV file. The file must include a column that lists User IDs. You can add an Identity Source column, if you want to specify identity sources for the users. Copy the CSV file to the /opt/rsa/am/utils directory.
- Log on to the appliance with the User ID rsaadmin and the operating system password that you defined during Quick Setup:
- On a hardware appliance or an Amazon Web Services appliance, log on to the appliance using an SSH client.
- On a VMware virtual appliance, log on to the appliance using an SSH client or the VMware vSphere client.
- On a Hyper-V virtual appliance, log on to the appliance using an SSH client, the Hyper-V System Center Virtual Machine Manager Console, or the Hyper-V Manager.
- Change directories to /opt/rsa/am/utils. Type:
and press ENTER.
If you enabling a large number of users in a CSV file, type:
./rsautil manage-securid-authenticate-app-provisioning -a create -f path -c "User ID"
Where path is the location of a CSV file and "User ID" is a column name that you specify. You can also specify -d "Identity Source" if the CSV file includes an identity source column.
If you are enabling a few users, type:
./rsautil manage-securid-authenticate-app-provisioning -a create -l list of user ids
Where list of user ids is a list of User IDs separated by commas. You can also specify -i "identity source name" to search only a specific identity source.
- Press ENTER.
- When prompted, do the following:
- Enter the Super Admin username, and press ENTER.
- Enter the Super Admin password, and press ENTER.
The SecurID app provisioning status lists the number of users that were successfully provisioned. User IDs and reasons are provided for the users that were not successfully provisioned.
The details are save in the imsTrace.log file in the /opt/rsa/am/server/logs directory.