In Organization, we have Users in two domains domainold1 and domainold2. Now all of them has mail as domainnew.ae, But old Users has two emails one as domainold1.ae or domainold2.ae and other with domainnew.ae. When we go to Management in Users>Management in RSA Secure-ID Access Portal, for all those accounts it shows two entries.
Also in RSA Authenticate Application we can only register with domainnew email.
Now take a case, User Ashish Joshi which has domainold1 mail as email@example.com and domainnew mail as firstname.lastname@example.org. Both of these emails has same account in AD with samAccountName as ajoshi. The User has registered in the RSA Authenticate application as email@example.com as this email in use now.
The User is trying to access a portal using Radius, and giving domainold1 account Name domainold1\ajoshi with password. Portal redirects the User, option to Approve or provide 8 digit Pass from Application. User is giving the 8 digit Pass, But the process is resulting in Failure of Authentication.