This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
SGTech
Respected Contributor
Respected Contributor
‎2017-07-13 05:10 AM

RSA AM Software token extension

Jump to solution

Hi

 

Any one can help me share info or documentation how can we use software token Extension.

RSA AM version is 8.1 PX , user will do upgrade to latest version 8.2 SP1 P1

please help clarify below questions:

1)After upgrade to 8.2 SP2 P1 user must redistribute token to get extension link , am I right?

2) after token got extension link user can use other tokens extension period to the current token, so user end no need to re import token in to their phones.

3) is user need to buy new tokens?

For example user have 10 tokens in their AM server which is upgraded from 8.1 Px to 8.2 SP1 P1.

all 10 tokens expiring soon, not other tokens available to replace them.

can any one explain from here how user will get token extension after they redistribute.

 

as per my understanding,

They still need to buy new tokens and import it in to RSA AM server and then when extending tokens we can sue new token serial number to extend the expiry date of existing token then new token will be deleted from RSA AM server, kindly coreect me if I am wrong.

Labels (1)
Labels
0 Likes
Reply
1 Solution

Accepted Solutions
EdwardDavis
Employee
Employee
‎2017-07-13 08:48 AM

Jump to solution

It works like this:

 

When a software token is distributed from an 8.2 or higher version, it gets a value hidden in the database called terminate date. The creates a checkmark on the security console that the token is 'extendable'.

As long as the token remains assigned to a user, the terminate date remains. 

 

The user gets the token, and it will never expire on the user side. It will just stop working for authentication on the actual expire date. If you buy new software tokens, you can go to these soon to expire tokens and extend them, with a new token, where the

 

a) new token gets deleted

b) the old token gets extended by 'inheriting the new token expire date'

 

This way the end user never needs to reinstall the token on their device, the admins can keep pushing out the expire dates.

 

NOTE: when I say 'never expire' it does eventually expire. The terminate date today is in 2035. So, until the terminate date, tokens can be extended multiple times.

View solution in original post

Reply
5 Replies
EdwardDavis
Employee
Employee
‎2017-07-13 08:48 AM

Jump to solution

It works like this:

 

When a software token is distributed from an 8.2 or higher version, it gets a value hidden in the database called terminate date. The creates a checkmark on the security console that the token is 'extendable'.

As long as the token remains assigned to a user, the terminate date remains. 

 

The user gets the token, and it will never expire on the user side. It will just stop working for authentication on the actual expire date. If you buy new software tokens, you can go to these soon to expire tokens and extend them, with a new token, where the

 

a) new token gets deleted

b) the old token gets extended by 'inheriting the new token expire date'

 

This way the end user never needs to reinstall the token on their device, the admins can keep pushing out the expire dates.

 

NOTE: when I say 'never expire' it does eventually expire. The terminate date today is in 2035. So, until the terminate date, tokens can be extended multiple times.

Reply
SGTech
Respected Contributor
Respected Contributor
In response to EdwardDavis
‎2017-07-13 10:02 AM

Jump to solution

Hi Edward,

 

Thanks for your clarification, almost clear my doubts

one quick Question

1) User should by new tokens before expired the old tokens, Am I right? if yes how many days before need to buy new tokens and import in to AM,  if user import new software tokens after old token expired still user can extend as you said above?

 

thanks,

Rajesh

0 Likes
Reply
EdwardDavis
Employee
Employee
In response to SGTech
‎2017-07-13 11:13 AM

Jump to solution

I don't know the sales cycle and how long it takes from buying software tokens to getting them in your hands. By default the system will allow you to extend tokens 15 days or lower from when tokens expire. You can run a command line action to extend this date so you can extend tokens way before the 15 day limit. In reality you can extend tokens a day before, or the same day, or after they expire, as it happens quickly and the end user needs to do nothing.

 

Can you extend a 'dead expired token' and make it active again ? Yes.

 

Here is an extremely old token, showing extendable (it was distributed from 8.2, therefore has a terminate date).

 

pastedImage_1.png

 

I am about to extend it and give it a new death date.

pastedImage_2.png

Works fine.

pastedImage_3.png

Reply
SGTech
Respected Contributor
Respected Contributor
In response to EdwardDavis
‎2017-07-14 12:02 AM

Jump to solution

Hi Edward,

 

Thanks for your help.

 

Thanks,

 

Rajesh

0 Likes
Reply
SGTech
Respected Contributor
Respected Contributor
In response to EdwardDavis
‎2020-12-14 10:22 PM

Jump to solution

Hi Edward,

 

I got below article but how many days I can give is there any limit for example 20 days or 30 days?

https://community.rsa.com/docs/DOC-77258 

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.