RSA Authentication Manager Prime Help Desk Admin Portal Unlock User option grayed out
3 years ago
Originally Published: 2017-01-05
Article Number
000040233
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager Prime
Issue
Different levels of support staff use the Authentication Manager Prime Help Desk Admin Portal website to administer RSA users. One group requires access that allows them to unlock a user's account after it locks. This option was enabled via the Security Console and it can be verified that that role does have the requested permission; but when one of the users in the role tries to access the option, it is grayed out.
 
User-added image
Cause
RSA Authentication Manager Prime permissions are set in the Prime Help Desk server configuration file.
Resolution
Edit the lapProto.xml file (sample attached), located in the default directory path.  For Windows this is C:\RSA\hdap\config.  For Linux, go to \RSA\hdap\config.

Note:  Permissions for users of RSA Authentication Manager Prime are not made in the Authentication Manager.
  1. Edit the lapProto.xml with a text editor and locate the group name of the role you want to modify. In this case, the group name is Group-Help-2.
  2. Add the claim value of unlock:user as seen below.  
<group name="Group-Help-2">
                <claim value="token:disable" />
                <claim value="token:edit-destination" />
                <claim value="token:odt-enroll" />
                <claim value="token:regenerate" />
                <claim value="token:lost-emergency-ott" />
                <claim value="token:resync" />
                <claim value="token:pin-new" />
                <claim value="user:disable" />
                <claim value="rba:disable"/>
                <claim value="unlock:user" />
  1. Save the file.
  2. Restart the Tomcat-HDAP service.
Attachments
If the attachment does not open when clicked, please refresh the page and try again. You must be logged into view the file(s).

    Related Articles

    Trending Articles

    Don't see what you're looking for?