Hi - We have RSA AM 8.1 under support. Current set of hardware tokens have support expired. Those users who were assigned tokens are able to work normally. But when we try to assign another token it does not work. This is the current behavior. So we ordered a net set of tokens.
I have the following questions:-
1) Can the old set of tokens that are currently working coexist with the new ones?
2) Do we have to import new token file for the new set of hardware tokens or can we do a simple replacement of old to new?
Regards
Prasant Nair,
1) Can the old set of tokens that are currently working coexist with the new ones?
Yes, you can import new tokens into your Authentication Manager server. The tokens that have not yet expired will continue to work, as will the new tokens. See the RSA SecurID Token Record Decryption Tutorial for information on how to decrypt the new token media.
2) Do we have to import new token file for the new set of hardware tokens or can we do a simple replacement of old to new?
Yes, you will need to import the new token seed media for your new hardware tokens via the Security Console, assign the new tokens to the users and make sure they are delivered to the end users in a secure fashion.
Let's say you have a user named Alice who has hardware token 000111111111 assigned to her. This token will expire on 30 June 2018. You assign her token 000222222222, which will expire on 31 December 2025. (use the online help for steps to replace a token). When you create a replacement token, it sets a flag in the database noting the original token and the replacement. When Alice receives her new token, she can keep using her old token until 30 June 2018 then use 000222222222222. Alternatively, she can start using 000222222222222 immediately. If she does, it will disable 000111111111111 at her first authentication with the new token.
See Import a Token Record File for the steps. Please also see this article on how to Assign a Hardware Token to a User in the User Dashboard.
Regards,
Erica