This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.

How to change RSA Authentication Manager 8.x token policies on a subset of users

Article Number

000027348

Applies To

RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
O/S Version: SUSE

Issue

This articles explains how to:
  • Change token policies on a subset of users
  • Change policies to users in phases

Tasks

Changing a policy assigned to a Security Domain changes the policy for all users in the Domain. It is not possible to change a policy for a subset of users in a Security Domain. However, it is possible to effectively change a policy on a subset of users by moving those users to a new Security Domain with the changed policy.

If a policy is assigned to more than one Security Domain and you want to change the policy for only one of the Security Domains, duplicate the existing policy. Then make the necessary changes to the duplicate policy, and assign it to the Security Domain you want to change.


Resolution

To alter a token policy, find the policy assigned to the Security Domain you want to alter. Keep in mind that a policy can be assigned to more than one Security Domain, and a change to the policy will affect all Security Domains to which the policy is assigned.
  1. Open the Security Console and go to Administration Security Domains Manage Existing.
  2. The existing Security Domains are listed and each can be viewed to show the currently assigned policies.
To alter the token policy,
  1. Go to Authentication Policies >Token Policies Manage Existing.
  2. Edit the policy to which you want to make a change.
  3. Click Save when done.
  4. Apply the token policy to a security domain.

If the policy is assigned to several Security Domains and you want to make a change to the policy for only some of the Security Domains,

  1. Go to Authentication Policies >Token Policies Manage Existing.
  2. Click on the policy and select Duplicate.
  3. Select the desired options on the duplicate policy and click Save.
  4. The policy can now be assigned to the Security Domains to which you want to make changes.

Notes

To move a subset of users to a new Security Domain with a different policy,
  1. Open the Security Console and go to Identity > Users > Manage Existing.
  2. Search for users, using the filters to select the subset of users you want to move.
  3. Check the box next to the users you want to move, and use the pull-down at the top of the screen to select Move to Security Domain....
  4. Click Go.
  5. On the next screen, select the new Security Domain.
  6. Click Move.

IMPORTANT:  Administrators who are scoped to only have access to the previous Security Domain will not have access to the new Security Domain.

0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2021-04-23 06:18 AM
Updated by:
Administrator Administrator

Related Content

© 2023 RSA Security LLC or its affiliates. All rights reserved.