How to replace an existing token in RSA Authentication Manager 8.x with a specific token in custom mode, and NOT with the "Next Available Token".
3 years ago
Originally Published: 2018-08-20
Article Number
000040780
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.X
Issue
How to replace a token in custom mode, as opposed to the default "Replace with next available token"
Resolution
Assumption: 

"User-1" has a "Token-1" assigned to him. 

Requirement: 

To replace "Token-1" for "User-1" with "Token-n" 

Steps: 

[a] Security Console > Identity > Users > Manage Existing 

[b] Point the "Identity Source" filter on the left to your Active Directory, and search for "User-1" 

[c] When the serach result is displayed on the dashboard, expand its context by clicking the arrow and select "SecurID Tokens" 

[d] The resultant dashboard displays the list of tokens assigned to "User-1". Going by our assumption, the dashboard presents "Token-1". Expand its context by clicking the arrow and select "Edit". 

[e] Copy the Serial Number of "Token-1" 

[f] Security Console > Authentication > SecurID Tokens > Manage Existing 

[g] Point the "Serial Number" filter on the left to the serial number associated with "Token-1" and click "Search" 

[h] On the dashboard, select the checkbox and set the drop down menu on top to "Replace SecurID Tokens". Click "Go" 

[i] From the resultant dashboard of unassigned tokens, choose the one of your choice by selecting the corresponding checkbox. Going by the requirement made above, it must be "Token-n". Click "Next" 

At this stage, "User-1" is assigned "Token-n" that will replace "Token-1". 

"Token-n will replace Token-1 soon after it (Token-n) is distributed by the Security Console admin. Once distributed, the end user will no longer be able to use Token-1 to authenticate". However, the end user will be able to use the same PIN associated with Token-1 to authenticate using Token-n.


 
Don't see what you're looking for?