Please ensure that the user is synchronized between RSA Via Access and the LDAP directory server. 
Synchronization ensures that the RSA Via Access hosted service reflects any updates made to your LDAP directory server.

1. In the Administration Console, click Users > Identity Sources.
2. Click the triangle icon next to Edit for the Identity Source that contains the user(s) in question.  Choose Synchronization.
3. Click Synchronize Now.
4. Click Refresh to check the synchronization status.
5. Once the synchronization is completed, the page displays the job status, and the number of users added, updated, and not synchronized.
6. Ask the user to login and check if the policy is now enforced.
7. If the policy is still not enforced to the user, check If the user is included in the "users not synchronized", check the reason (e.g. missing email address, ..), correct the active directory record and start Sync again.
8. Ask the user to login and check if the policy is now enforced.