AnsweredAssumed Answered

Account with previous token can't use alias method

Question asked by Keith Giles on May 7, 2018
Latest reply on May 8, 2018 by Jay Guillette

Like • Show 0 Likes0
Comment • 3

Hi all,

We are testing the possibility of assigning a single RSA token to two user accounts, for example, usernormal and useradmin.

I know there is a caveat that if one of the accounts previously had a token assigned, the alias method would not work properly.

This is the case with my admin account. It was assigned a token last year during our POC.

Are there any options for resolving this problem caused by a prior token? Is there some way to reset the account inside of Auth Manager?

Any help on this is greatly appreciated.

No one else has this question

Outcomes

Keith Giles @ Luka Kodric on May 8, 2018 11:32 AM

Thanks. According to this documentation would I basically treat the user (that previously had a token) as an unresolvable user and follow the steps mentioned?

Actions

Jay Guillette

@ Keith Giles on May 8, 2018 11:40 AM

Yes.

Variation on this is to do things in SQL with the internal database. See

Authenticators Count problem

discussion which has link to KB on how to access SQL and find UserIDs that authenticators assigned.

000030005 - How to get an accurate active user license count in RSA Authentication Manager 8.1 using SQL

Basically you could do in SQL what clean-up can only do with the LDAP filter in place, remove the registered user.

1 person found this helpful

Actions

3 Replies

Luka Kodric May 7, 2018 5:43 PM
Mark Correct
Correct Answer
Hi

check this out 000011632 - Unable to add or manage user in RSA Authentication Manager; getting the error:  The specified ID is already in use by unresolveable user within this realm
1 person found this helpful
Like • Show 3 Likes3
Actions
- Keith Giles @ Luka Kodric on May 8, 2018 11:32 AM
  Mark Correct
  Correct Answer
  Thanks. According to this documentation would I basically treat the user (that previously had a token) as an unresolvable user and follow the steps mentioned?
  Like • Show 0 Likes0
  Actions
  - Jay Guillette @ Keith Giles on May 8, 2018 11:40 AM
    Mark Correct
    Correct Answer
    Yes.
    Variation on this is to do things in SQL with the internal database. See
    Authenticators Count problem
    discussion which has link to KB on how to access SQL and find UserIDs that authenticators assigned.
    000030005 - How to get an accurate active user license count in RSA Authentication Manager 8.1 using SQL
    Basically you could do in SQL what clean-up can only do with the LDAP filter in place, remove the registered user.
    1 person found this helpful
    Like • Show 1 Like1
    Actions