My RSA cluster was configured by a previous third party that recommend "all users to be created manually and given a token in the same manner". I would like to link in AD so that accounts and tokens auto disable because the AD account is deleted/locked/etc. Would RSA auto disable tokens based on AD status and is there harm in that bob.smith exists in AD and in the Internal DB? I think bob.smith in ad would be seen separately.
Hi Jason,
We do not disable reponses based on the AD status. Is a user is in locked status in USERS table then users woont be challneged unless the accout is unlocked. Usullay it shoudl take 30 minutes for the account to unlocked form Database side.
Hope this answers your question. Let me know if you this is not clear or if you have any other questions.
Regards,
Farshad