000035585 - Recover unenrolled user and reset end user's account in RSA Adaptive Authentication (OnPrem) 7.2

Document created by RSA Customer Support Employee on Sep 29, 2017
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000035585
Applies ToRSA Product Set: Adaptive Authentication (OnPrem)
RSA Product/Service Type: Adaptive Authentication (OnPrem)
RSA Version/Condition: 7.2
IssueThe customer unenrolled a user as a test to see if it forced the user to re-select image and passphrase, but they did not realize at the time it marks the user for deletion. They want the user back in the system.
Also they used the un-enroll option as they could not find the reset option to use in CSR.
ResolutionRe-creating an unenrolled end user:
Users that are un-enrolled are "marked for deletion", but they are not removed immediately. The deletion from the database is done 6 months after the last user activity. So, if a user is un-enrolled and there is a need to re-create it, just enroll it again.
Reset an end user's account in CSR:
About the reset option, the documentation says this:
"This option allows you to unlock and reset an end user’s account so that, the next time the end user logs on, the end user must choose new challenge questions. This leaves the end user’s account in an unverified state."
It is not explicit, but to be able to reset a user, the user needs to be locked first. There is a button to lock the users in the CSR, and when you lock the user in the CSR admin the "Reset" button will appear immediately after the lock is done. When the reset button is hit, the end user will be able to login again into the system but must choose new challenge questions and provide the necessary answers.