This is possible if you use "Roaming Profiles". This causes location where the user's token is stored to be a part of the user profile retrieved from a Domain Controller immediately after authentication.
It should be noted that this does defeat the idea that a software token is "bound" to a physical device. While this may be useful to provide strong 2FA for internal systems, it diminishes the value of the tokencode. A compromise of the user's domain password compromises their token seed (and therefore their tokencode) as well. You might consider having these end-user authenticate with a software token on their mobile device instead of their desktop or look at using multi-factor authentication (MFA) from RSA SecurID Access suite.
You might find some useful information in: https://community.rsa.com/docs/DOC-95915 .
