How to provide On-Demand Pin for a selective 10- 50 users, as we can see the Enable users give all the users in Alphabetical order and there is no criteria to search for particular few users to provide ODA.
How to provide On-Demand Pin for a selective 10- 50 users, as we can see the Enable users give all the users in Alphabetical order and there is no criteria to search for particular few users to provide ODA.
Hi Edward,
Thanks for your reply, can you please provide any steps or a screenshot where I can find the Authentication Manager Bulk Admin and to enter the EODA in the Command Line. Any steps or a document that you can share it to me would be great full to learn the procedure to provide ODA in bulk.
AMBA is included with AM 8.2 and later, but it does require an enterprise license. Full documentation of AMBA functions and features, command line syntax, and sample AMBA scripts is available here (part of the standard RSA documentation set for Authentication Manager): RSA Authentication Manager 8.4 Bulk Administration Utility (AMBA) Guide
Are you using Security Domains to scope administrative data?
You could move the users to a sub-Security Domain and use the Security Domain filter to just select the users that are trying On-Demand. AM allows the administrator to create a Security Domain hierarchy.
There are currently four user attributes that can be used to filter search results. I would be interested to hear which other attributes would be useful.
Of course, I would also recommend you take a look at the RSA SecurID Access Cloud Authentication Service. This provides a policy-driven, multi-factor, cloud-based authentication service (including SMS OTP) and integrates with your on-premises RSA SecurID Authentication Manager.
You can use Authentication Manager Bulk Admin EODA on command line, and input a .csv file with userid's and pins:
Enable OnDemand Authentication
This command enables an OnDemand Authenticator for a principal. A PIN may be
assigned or system generated. Some field names are duplicates of field names used for
token management but may have slightly different usage. Consult this guide and the
RSA Authentication Manager Help for the correct definition of ODA command fields.
Results are written to the AMBA results file. Use the CRFN command to change the
results file path and name.
Optional Fields IdentitySource, SecurityDomain, InstanceName, PinMode*,
ExpiryDate, DeliveryMethod, DestinationAddress*,
TemplateFile, OutputOption
* These fields are ignored when PINIndicator is set to GENERATE_PIN.