Generate a report of users with more than one token assigned in RSA Authentication Manager 8.x
Originally Published: 2019-05-08
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue
Resolution
- Launch an SSH client, such as PuTTY.
- Login to the primary Authentication Manager server as rsaadmin and enter the operating system password.
Note that during Quick Setup another user name may have been selected. Use that user name to login.
- Enter the following command to get the database password:
rsaadmin@am83p:> /opt/rsa/am/utils/rsautil manage-secrets -a get com.rsa.db.dba.password
Please enter OC Administrator username: <enter Operations Console administrator name>
Please enter OC Administrator password: <enter Operations Console administrator password>
com.rsa.db.dba.password: ckg2DBtNZLy80TADWcGqdF0NOJygAQ
Please enter OC Administrator username: <enter Operations Console administrator name>
Please enter OC Administrator password: <enter Operations Console administrator password>
com.rsa.db.dba.password: ckg2DBtNZLy80TADWcGqdF0NOJygAQ
Note that the database password will be different for each installation of Authentication Manager.
- Use the following queries to generate the desired report(s):
- Generate a report with users that have more than 1 token assigned (2 or 3)
rsaadmin@am83p:>/opt/rsa/am/pgsql/bin/psql -h localhost -p 7050 -d db -U rsa_dba -c "COPY ( select PD.loginuid from am_token AM join ims_principal_data PD on AM.principal_id=PD.id group by loginuid having count(*)>1) TO STDOUT WITH CSV HEADER " > /tmp/report_usertoken1.csv
Password for user rsa_dba: <enter the com.rsa.db.dba.password string from above>
- Generate a report for users that have only two tokens assigned:
rsaadmin@am83p:>/opt/rsa/am/pgsql/bin/psql -h localhost -p 7050 -d db -U rsa_dba -c "COPY ( select PD.loginuid from am_token AM join ims_principal_data PD on AM.principal_id=PD.id group by loginuid having count(*)=2) TO STDOUT WITH CSV HEADER " > /tmp/report_usertoken2.csv
- Generate a report for users that have exactly three tokens assigned:
rsaadmin@am83p:> /opt/rsa/am/pgsql/bin/psql -h localhost -p 7050 -d db -U rsa_dba -c "COPY ( select PD.loginuid from am_token AM join ims_principal_data PD on AM.principal_id=PD.id group by loginuid having count(*)=3) TO STDOUT WITH CSV HEADER " > /tmp/report_usertoken3.csv
- The reports are saved in /tmp. You can copy the reports using the WinSCP application to your local PC and view them using Excel.
Related Articles
Video Demonstration: Changing the Hostname and IP Address and Generating a Configuration File in Authentication Manager 8.… Number of Views SailPoint IdentityNow - SecurID Authentication Manager Configuration Number of Views How to generate a report of registered users in RSA Authentication Manager 8.x database Number of Views View All Tokens Assigned to a User Number of Views How to generate a report to list all users with a fixed passcode in Authentication Manager 8.x Number of Views
Trending Articles
RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Unable to login to RSA Authentication Manager Security Console as super admin Error Unable to resolve user by login ID and/or alias, or authenticator not assigned to user when attempting to authentica…
Don't see what you're looking for?
