Configure RSA RADIUS to Use System-Generated PINs

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Jan 24, 2020
Version 13Show Document
  • View in full screen mode

RSA RADIUS does not allow system-generated PINs by default. If you choose to allow system-generated PINs, authentication will fail unless you change the RADIUS configuration file, securid.ini, on each RADIUS server to allow system-generated PINs, and then restart RADIUS.

Before you begin 

You must be a Super Admin.


  1. Log on to the Operations Console on the RSA Authentication Manager instance hosting the RADIUS server.

  2. Click Deployment Configuration > RADIUS Servers.

  3. If prompted, enter your Super Admin User ID and password.

  4. Select the server hosted on this instance, and click Manage Server Files from the context menu.

  5. In the Configuration Files tab, select the securid.ini file, and click Edit from the context menu.

  6. Find the following line:

    AllowSytemPins = 0

    The 0 indicates that system-generated PINs are not allowed. To allow system-generated PINS, change the setting to the following:

    AllowSystemPins = 1

    The 1 indicates that system-generated PINs are allowed.

  7. Click Save and Restart RADIUS.

  8. Restart the RADIUS server for the changes to take effect.





We want your feedback! Tell us what you think of this page.