Restrict the Number of Active Tokens per UserRestrict the Number of Active Tokens per User
You can change the maximum number of active SecurID tokens allowed per user. The default limit is three active tokens for each user. Tokens that are managed in the Cloud Authentication Service do not count towards the three token limit.
Before you begin
Operations Console administrator credentials are required.
Procedure
-
Log on to the appliance using an SSH client.
-
Change directories:
cd /opt/rsa/am/utils
-
Run one of the following commands:
-
To set the limit for active tokens per user, type the following, and then press ENTER:
./rsautil store -a add_config auth_manager.admin.maximum_usable_tokens <1> GLOBAL 501
where <1> is an integer from 1 to 3 that specifies the maximum number of active tokens per user. For values outside the range [1,3], Authentication Manager uses the default limit of three active tokens.
-
To change the limit after setting it for the first time, type the following, and then press ENTER:
./rsautil store -a update_config auth_manager.admin.maximum_usable_tokens <1> GLOBAL 501
where <1> is an integer from 1 to 3 that specifies the maximum number of active tokens per user. For values outside the range [1,3], Authentication Manager uses the default limit of three active tokens.
-
-
When prompted, enter your Operations Console administrator User ID, and press ENTER.
-
When prompted, enter your Operations Console administrator password, and press ENTER.
-
Restart all Authentication Manager services on the primary instance and all replica instances:
cd /opt/rsa/am/server
./rsaserv restart all
Related Concepts