This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
AmitSharma2
New Contributor
New Contributor
‎2020-06-23 02:25 AM

RSA AMBA Query

Hi Guyz,

 

Can anyone help me with RSA AMBA utitly, I have below queries:

  1. do we need to install additional AMBA license on even if we have Enterprise license.
  2. Can we deliver token to user in CTF format using AMBA?
  3. can anyone share me exact command to enable auto token delivery or auto token assignment notification over Email.
Labels (1)
0 Likes
Reply
2 Replies
EdwardDavis
Employee
Employee
‎2020-06-23 08:12 AM

1) no

 

2) AMBA cannot do CTF.

 

(sdtid files can be converted to CTF using the RSA Software Token Converter java utility)

 

3) this command will send email with the tokens as a file attached, or as an email with a CTKIP link, depending on how you fire the ./rsautil command arguments.

 

./rsautil AMBulkAdmin -a admin -P support1! --verbose -m 0 -g -i kb.csv

 

./rsautil AMBulkAdmin -a admin -P support1! --verbose -m 0 --ctkip -i kb.csv

 

use --ctkip or -g for sdtid files attached to emails. My first example below uses -g.

 

[Use the AMBA guide for more info on any of these commands and arguments]

--------------------

4) There are many ways to run AMBA.

 

This is one example:

 

-adding a user to internal database,

-set RSA password for that user

-assigning a token,

-set a pin,

-and sending token out.

 

a) AMBA command (this example shows verbose logging enabled)

 

./rsautil AMBulkAdmin -a admin -P support1! --verbose -m 0 -g -i kb.csv

 

b) input file kb.csv


Action,SoftTokenProfile
SSTP,WindowsDesktop5.0
CIF,action,LastName,DefLogin,TokEnabled,MiscVariable,FirstName,Email,MinTokenLife,SetPin,PinType,UserPwd,IdentitySource,SecurityDomain,Nickname,DeviceSerialNumber,DeliveryMethod
AUTA,autalastname,autauserid,1,4,autafirstname,administrator@farmco.local,90,1234,Passcode,password1!,Internal Database,SystemDomain,,,SMTP

 

 

c) My user autauser got an email with a token attached

 

Result in AMBA log: 

-autauserid, 000116033749, File autauserid_000116033749.sdtid created.

Info : -Token 000116033749, successfully deployed.
Success: 2020-06-23 08:23:30 : Line 4 - addTokenToUserAuto -000116033749 assigned and deployed to autauserid

 

 

When I run the command using --ctkip here is the log

Info   :                                                                -CTKIP Credentials generated for token 0001160337

----------------

Result in user email if -g : sdtid file

 

pastedImage_2.png

 

Result in user email if --ctkip: ctkip link to my webtier and custom port

 

pastedImage_3.png

 

d) The AMBA guide also has input file examples in the back.

 

Here is another example of input file to do similar action

 

This example creates 10 new Users, assigns tokens, specifies software token profiles for each User, Android 2.x ctkip and iOS20 ctkip url, and provisions the tokens through CT-KIP over email, SMTP.


Action,LastName,DefLogin,TokEnabled,UserPwd,MiscVariable,SoftTokenProfile,Email,
DeliveryMethod
AUTA,autauser1,autauser1,1,password$,4,Andoid 2.x ctkip,autauser1@test.com,SMTP
AUTA,autauser2,autauser2,1,password$,4,iOS20 ctkip url,autauser2@test.com,SMTP
AUTA,autauser3,autauser3,1,password$,4,Android 2.x ctkip,autauser3@test.com,SMTP
AUTA,autauser4,autauser4,1,password$,4,Android 2.x ctkip,autauser4@test.com,SMTP
AUTA,autauser5,autauser5,1,password$,4,iOS20 ctkip url,autauser5@test.com,SMTP
AUTA,autauser6,autauser6,1,password$,4,Android 2.x ctkip,autauser6@test.com,SMTP
AUTA,autauser7,autauser7,1,password$,4,Android 2.x ctkip,autauser7@test.com,SMTP
AUTA,autauser8,autauser8,1,password$,4,iOS20 ctkip url,autauser8@test.com,SMTP
AUTA,autauser9,autauser9,1,password$,4,iOS20 ctkip url,autauser9@test.com,SMTP
AUTA,autauser10,autauser10,1,password$,4,iOS20 ctkip url,autauser10@test.com,SMTP

Reply
AmitSharma2
New Contributor
New Contributor
‎2020-06-23 09:01 AM

Hi Edward,

 

Thanks for your response.

Can u send me the .csv file to assign token to user. I will be fetching users from my Active directory.

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.