Restrict the Number of Active Tokens per User

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Jun 13, 2017
Version 2Show Document
  • View in full screen mode

You can change the maximum number of active SecurID tokens allowed per user. The default limit is three active tokens for each user.

Before you begin 

Operations Console administrator credentials are required.

Procedure 

  1. Log on to the appliance using an SSH client.

  2. Change directories:

    cd /opt/rsa/am/utils

  3. Run one of the following commands:

    • To set the limit for active tokens per user, type the following, and then press ENTER:

      ./rsautil store -a add_config auth_manager.admin.maximum_usable_tokens <1> GLOBAL 501

      where <1> is an integer from 1 to 3 that specifies the maximum number of active tokens per user. For values outside the range [1,3], Authentication Manager uses the default limit of three active tokens.

    • To change the limit after setting it for the first time, type the following, and then press ENTER:

      ./rsautil store -a update_config auth_manager.admin.maximum_usable_tokens <1> GLOBAL 501

      where <1> is an integer from 1 to 3 that specifies the maximum number of active tokens per user. For values outside the range [1,3], Authentication Manager uses the default limit of three active tokens.

  4. When prompted, enter your Operations Console administrator User ID, and press ENTER.

  5. When prompted, enter your Operations Console administrator password, and press ENTER.

  6. Restart all Authentication Manager services on the primary instance and all replica instances:

    cd /opt/rsa/am/server

    ./rsaserv restart all

Related Concepts

RSA SecurID Tokens

 

 


Attachments

    Outcomes