In the security console, no.
Probably the best thing to do is run a report for users with no tokens, and output it as csv,
then tune it to become an AMBA input file for assigning tokens
AMBA (auth manager bulk admin) using csv input files
a) run a security console report for all users, and choose 'has tokens assigned NO'
run report, save as csv, you now have a list of userids without tokens assigned, and can remake this csv
into a new csv for input into AMBA to assign tokens
b) if the users are in active directory,
and you have never 'touched' the user account yet, the report from (a) will not show any of these users.
You need to do something (some or any administrative action) in the RSA security console with the AD user accounts to make the RSA server 'register' the user as something that can be reported on
Here is a simple thing to do for that 'administrative action': put them in a group, and take them out later
b1) security console, identity, user groups, create a new group in the internal database...move-grp
b2) security console, identity, users, manage existing,
list your AD users (up to 500 at a time on screen), select all with the upper checkbox, and chose the upper
dropdown selection box 'add to user groups', and add them to the new group you created move-grp
b3) repeat in batches of 500 users until all users you want to show up in the report have been put in that
group move-grp
b4) run your all users report again no tokens assigned, (you do not need to specify anything about that group
in the report) and now all the AD users you just 'administratively touched' and have no token assigned will now show up in the report
(and report output is exportable as csv)
b5) go to identity, user groups, manage existing, and look at the members of the move-grp
and you can remove them from the group (in batches of 500)
