How do I clear the message token status "Next tokencode required" when a user is attempting to connect?
Hi ANNE MARIE STEINBERG,
you can clear Next token code mode by clearing incorrect pass codes from security console> Identity > Users > Manage Existing > dashboard >Authentication settings.
The below are some useful links to understand next token mode and resync
000029890 - Resyncing RSA SecurID tokens using RSA Authentication Manager 8.1 Self-Service Console
000029685 - Explanation of Next Tokencode Mode and Small, Medium and Large authentication windows in RSA Authentication Manager
There are also instances where this can also happen to a larger set of users and if it then it is a something to do with the time source RSA Appliance is configured.
Review all the NTP sources or the #VM host times providers are correct.
A reboot of the RSA Appliance would be necessary as a part of best practices.
Post that list all the tokens in your environment to review of any offset values
Login to RSA Appliance via SSH
Enable Secure Shell on the Appliance and Log On to the Appliance Operating System with SSH
rsaadmin@am81p:~> cd /opt/rsa/am/utilsrsaadmin@am81p:/opt/rsa/am/utils> ./rsautil sync-tokens -I
Copyright (C) 1994 - 2014 EMC Corporation. All Rights Reserved.Enter the absolute path for the output report file : /tmp/token_report_resync.txtEnter the base security domain name for recursive search [(none)]: SystemDomainEnter the type of token selection [ (all) | file ]: <press Enter to select all>Choose a token filter [ assigned | unassigned | (both) ]: <press Enter to select both>What action do you wish to perform? [ (list) | modify ]:<press Enter to select list>Enter administrator user ID : <enter the name of super admin internal database user>Enter administrative password : <enter the password for super admin internal database user>
Post this, a file token_report_resync.txt shall be created in the /tmp directory of the RSA AM Primary appliance server. You can review the second column in the file to see if it has any offset values for the tokens in question
Hope the above helps.
Retrieving data ...