Username change affects SecureID access?
We have a user whose last name is changing, so her AD account username is changing next week. Will this affect anything with her RSA Soft Token access? This is the first time we've encountered this issue, so we're not sure what to expect.
- Auth Manager
- Authentication Manager
- Community Thread
- Forum Thread
- RSA Authentication Manager
- RSA SecurID
- RSA SecurID Access
If you are running at least AM 8.2 or later, changing the last name and UserID should self-heal, in other words the objectGUID remains the same so RSA can figure this out.
If they actually delete the account in AD, then add a new account with a new last name and new UserID, then RSA will probably lose the connection.
AM uses a cached copy of the DN to find a user record in AD, so I expect that the first authentication attempt (after the name change takes effect) will fail. Don't panic. AM, when it can't find the user record with the DN, automatically uses a cached copy of the ObjectGUID to search for the user record, and if it finds it, AM updates its copy of the DN (and other items). Usually the user assumes they mistyped the passcode and tries again; by that time AM has the updated DN and everything works.