Configure RSA RADIUS to Use System-Generated PINs

RSA RADIUS does not allow system-generated PINs by default. If you choose to allow system-generated PINs, authentication will fail unless you change the RADIUS configuration file, securid.ini, on each RADIUS server to allow system-generated PINs, and then restart RADIUS.

Before you begin

You must be a Super Admin.


  1. Log on to the Operations Console on the RSA Authentication Manager instance hosting the RADIUS server.

  2. Click Deployment Configuration > RADIUS Servers.

  3. If prompted, enter your Super Admin User ID and password.

  4. Select the server hosted on this instance, and click Manage Server Files from the context menu.

  5. In the Configuration Files tab, select the securid.ini file, and click Edit from the context menu.

  6. Find the following line:

    AllowSytemPins = 0

    The 0 indicates that system-generated PINs are not allowed. To allow system-generated PINS, change the setting to the following:

    AllowSystemPins = 1

    The 1 indicates that system-generated PINs are allowed.

  7. Click Save and Restart RADIUS.

  8. Restart the RADIUS server for the changes to take effect.