HI I need to get a question that my management raised answered as soon as possible. Can you help?
HI I need to get a question that my management raised answered as soon as possible. Can you help?
I need to know if it is possible to know if it is possible and what the steps would be to disable a large group of users access to their SecuID's but only for a limited time.
Sure it is possible. There are a few ways to stop users from authenticating
but get them back later.
a) List the users, disable account, in batches of up to 500 at a time. This is the simplest way.
b) or a tiny bit more complex (use the help menu for any details)
Make all the users on the entire system a member of any group, except
the ones you want to lock out. Then restrict your agents to that group, this means
everyone in the group can access the agents, but not anyone else.
Trusted User Group Memberships
c) disable tokens
list the tokens (by ser number, date, or some other parameter) and disable the token. This way
the user has some functionality in self-service, but tokens won't work. This does not disable on-demand, rba
or fixed passcodes..item (a) above is a more sure bet on disabling someone 100%
Hi Julio,
I have moved this thread to the RSA SecurID Access community so that you can get an answer to your question. Alternatively, if this question is too urgent to wait for a community response then I would recommend engaging RSA Customer Support for assistance.
Thanks,
Jeff
Sure it is possible. There are a few ways to stop users from authenticating
but get them back later.
a) List the users, disable account, in batches of up to 500 at a time. This is the simplest way.
b) or a tiny bit more complex (use the help menu for any details)
Make all the users on the entire system a member of any group, except
the ones you want to lock out. Then restrict your agents to that group, this means
everyone in the group can access the agents, but not anyone else.
Trusted User Group Memberships
c) disable tokens
list the tokens (by ser number, date, or some other parameter) and disable the token. This way
the user has some functionality in self-service, but tokens won't work. This does not disable on-demand, rba
or fixed passcodes..item (a) above is a more sure bet on disabling someone 100%