This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
ChristosPissour
Beginner
Beginner
‎2016-09-16 01:37 PM

How to create a report with users with Next Tokecode mode

I am looking to create a report with users that did not authenticated past certain timeframe, let's say three months but I realized the report doesn't include users that are at "Next Tokencode" mode. How can I either fix the report to include those user or just report separately only the user with the "Next Tokencode" mode?

 

Thanks 

Labels (1)
0 Likes
Reply
1 Reply
_EricaChalfin
Employee (Retired) Employee (Retired)
Employee (Retired)
‎2016-09-16 04:47 PM

Chris Pissouriou‌,

 

There is not an out of the box report template that shows users with tokens that are in next tokencode mode.

 

As an alternative, you can SSH to your primary and run the rsautil named sync-tokens.  The output of this command will provide a list of tokens in next tokencode mode.  Note that the -I switch in the command is an uppercase i.  Press Enter to select the default options in parentheses below:

login as: rsaadmin
Using keyboard-interactive authentication.
Password: <enter OS user password>
Last login: Tue Sep 13 14:42:46 2016 from jumphost.vcloud.local
RSA Authentication Manager Installation Directory: /opt/rsa/am
rsaadmin@am81p:~> cd /opt/rsa/am/utils
rsaadmin@am81p:/opt/rsa/am/utils> ./rsautil sync-tokens -I

Authenticator Bulk Synchronization Utility 8.1.1.13.0 (1384830)
Copyright (C) 1994 - 2014 EMC Corporation. All Rights Reserved.

Enter the absolute path for the output report file : <define the file path and file name, such as /tmp/ntc.csv>
Enter the base security domain name for recursive search [(none)]: <press Enter>
Enter the type of token selection [ (all) | file ]: <press Enter>
Choose a token filter [ assigned | unassigned | (both) ]: <press Enter>
What action do you wish to perform? [ (list) | modify ]: <press Enter>
Enter administrator user ID : <enter the user ID of a super admin user>
Enter administrative password : <enter the password for the super admin user>

 

Authenticator Bulk Synchronization Utility 8.1.1.13.0 (1384830)
Copyright (C) 1994 - 2014 EMC Corporation. All Rights Reserved.

Started job on Fri Sep 16 15:35:56 EDT 2016 with ID = ims.ae00d5d51e02a8c018c9b965cc3079db
rsaadmin@am81p:/opt/rsa/am/utils> 

When done, use WinSCP or FileZilla to copy the file to your local machine for review.

 

The following data is in the report:

  • Token Serial Number
  • Clock Offset
  • Next Tokencode Mode Status
  • Last Login Date/Time
  • Principal Lockout Status
  • Security Domain
  • Expiration Date Database
  • Expiration Date Security Block

 

The value for Next Tokencode Mode status will be listed as true or false.

 

Please let me know if you have further questions.

 

Regards,

Erica

Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.