can we use same license on more than 1 RSA securID setup?
if in one setup tokens are attached to a license and in new setup if there is new license, is it possible to export/import users with tokens?
Yes you can set up an entire DEV/TEST environment using the same license.
You can import/export between systems with the same license.
You can import/export between systems with different licenses,
but note that the target 'Users with Assigned Authenticators' number should be equal or higher
than the source, otherwise you may exceed the license limit of the target.
setup1 is build with license1 which will have tokens with serial numbers
setup2 is build with license2 which will have tokens with serial numbers.
license2 will be having different serial numbers than license1.
so my question:
if i am export/import users with tokens from setup1, will it work in setup2 which is built on license2 which will have different serial numbers?
while setting up the primary appliance it asks for the license file, is it possible that we can use the same license files in 2 different setups in production.
in setup and configuration guide it is mentioned that:
what is the impact if 'Users with Assigned Authenticators' is lesser than the user & tokens to be imported.
e.g. target setup has 1000 'Users with Assigned Authenticators' limit but users and tokens to be imported system are approx. 2000.
When your license limit is 2000, you can import as many tokens as you want, and you could connect to an LDAP Identity Source that contained 100,000 users, but only users that have at least one authenticator assigned; hardware or software token, Fixed passcode, or is enabled for OnDemand Authentication (ODA) or Risk Based authentication (RBA), that user counts against the 2000 active user license limit.
RSA sells two things; Active User Licenses (which is a count) and Authenticators (which are software or hardware tokens, Fixed passcodes, or ODA/RBA enabled users). But confusion comes from RSA and how it names products, because when you enable an ODA/RBA user, which technically is an Authenticator, you do this with an ODA/RBA license. Therefore you need an ODA/RBA license to enable a user who will then count against your Acitve User License Limit
000030005 - How to get an accurate active user license count in RSA Authentication Manager 8.1 using SQL
Couple of points;
1. a User only counts once against the active User license limit, even if they have 3 tokens, a fixed passcode and are enabled for both ODA and RBA., i.e. they would be a single licensed user with multiple authenticators.
2. When you reach your active license limit you will not be able to assign any new users with any authenticator until you unassign authenticators from other users
3. You can sometimes exceed your active user limit if you import users and tokens in bulk, or restore a database from your 11,000 user license deployment into your 2000 user license deployment. It will work, but you cannot assign any new users, and will have problems managing users and making changes that are not un-assigning tokens
4. expired tokens that are assigned to users, even former users still listed in your LDAP identity source count against your active user license limit. You need to run clean up immediate or batch jobs. We have seen some situations where the user in LDAP or AD, while still assigned an authenticator, gets moved in LDAP and renamed at the same time, so that RSA cannot find them. They still count against the License limit. If you only make a single change at a time in LDAP, RSA will still be able to find this user, but making multiple changes at once does not allow RSA to maintain the link nor does it allow RSA to unlink. Call Support.
Retrieving data ...