SecurID^® Discussions

DanyFernandes · ‎2022-09-09

Dear Community,

I’m planning to replace a deployment in version 8.1 to a new one in version 8.6.

Following the documentation https://community.rsa.com/t5/securid-authentication-manager/exporting-and-importing-users-and-tokens-between-deployments/ta-p/629959 I successfully managed to export the user database and their assigned tokens from the 8.1 deployment and imported them to the new 8.6 deployment (around 10 000 users).

But I see that our unassigned tokens, around 1000 of them being non-expired, were not exported in the process. We need those to replace expired tokens. I’ve looked the documentation but I didn’t find something related to the export of unassigned tokens.

Do you have a recommendation on how I could manage exporting them after the user database ?

Thanks for your help.

EricaChalfin · ‎2022-09-09

@DanyFernandes,

Unassigned tokens do not have associated user information and will not be part of the export. To add these unassigned tokens to the destination server, you can do one of the following:

On the Security Console,
1. Select Administration > Export/Import Tokens and Users.
2. Download an encryption key.
3. Choose Export Tokens and Users.
4. Under Export Selection, choose Tokens Only (Users associated with the tokens will not be exported) and click Next.
5. Choose your security domain.
6. For Status, choose Unassigned Tokens and click Export.
7. Click the Download File link to download and save the export file to your local machine.
8. Import the tokens to your destination server.
Alternatively, locate the original token seed .xml file(s) and password(s) and import them (Authentication > SecurID Tokens > Import Tokens Job > Add New) into the destination Authentication Manager server using the option to ignore all duplicate tokens. This way, only the tokens that were not imported will be restored to the database. They can then be assigned to your users. If you do not have the seed records and/or passwords, please contact your RSA sales representative or reseller for assistance.

In looking at the link you cited, it looks like we should mention that if you want to export unassigned tokens you need to do that separately. I will make a doc request to add that information. Thank you for pointing it out!

Best regards,
Erica

View solution in original post

EricaChalfin · ‎2022-09-09

@DanyFernandes,

Unassigned tokens do not have associated user information and will not be part of the export. To add these unassigned tokens to the destination server, you can do one of the following:

On the Security Console,
1. Select Administration > Export/Import Tokens and Users.
2. Download an encryption key.
3. Choose Export Tokens and Users.
4. Under Export Selection, choose Tokens Only (Users associated with the tokens will not be exported) and click Next.
5. Choose your security domain.
6. For Status, choose Unassigned Tokens and click Export.
7. Click the Download File link to download and save the export file to your local machine.
8. Import the tokens to your destination server.
Alternatively, locate the original token seed .xml file(s) and password(s) and import them (Authentication > SecurID Tokens > Import Tokens Job > Add New) into the destination Authentication Manager server using the option to ignore all duplicate tokens. This way, only the tokens that were not imported will be restored to the database. They can then be assigned to your users. If you do not have the seed records and/or passwords, please contact your RSA sales representative or reseller for assistance.

In looking at the link you cited, it looks like we should mention that if you want to export unassigned tokens you need to do that separately. I will make a doc request to add that information. Thank you for pointing it out!

Best regards,
Erica

SecurID® Discussions

Export tokens from 8.1 to 8.6 - unassigned tokens

SecurID^® Discussions