Hello I am new to RSA SecurityID and we are currently out of licenses. Existing users can log in, however, we can no longer add/assign tokens/licenses to new users. Is there a way to reclaim expired tokens and are tokens equal to license? Is there any adverse affect if I export tokens and users? I want to compare to accounts that are active in AD. Again, I am new to RSA and have zero training.
A user counts against the active user license limit if they have a token, including on-demand tokens, if they are enabled to Risk Based Authentication, or if they have a Fixed Passcode assigned, but they can only count once against the limit even if they have 3 tokens assigned. So you need to identity who counts.
If your users are in an external Identity Source, Like Active Directory, run a Clean up, either now or scheduled
If users have been removed from AD, the clean-up job will find the tokens assigned to ex-employees and return them to available and lower your active user count.
Other approach would be to manually look through Security Console - Identity - Users - Manage Existing, and identity users who no longer need tokens.
Run a report on Users with tokens could help too