Generate ad hoc reports for tokens attributes with software token profile names in RSA Authentication Manager 8.x
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.5 or later
Platform: SUSE Linux Enterprise
O/S Version: SUSE Linux 12 SP4 or later
Product Description: RSA SecurID Appliance
Issue
Then they require to run a report with token serial numbers with its software token profile distributed to find how many users are pending.
The software token profile category is not available in the default RSA Authentication Manager report templates. The only way to check on this detail from the Security Console is by opening the token dashboard from the Security Console (Authentication > SecurID Tokens > Manage Existing).
Resolution
1. Launch an SSH client, such as PuTTy.
2. Log in to the primary RSA Authentication Manager server as rsaadmin and enter the operating system password.
During Quick Setup, another username may have been selected. Use that username to log in.
3. Enter the following command to get the database password:
rsaadmin@am87p:> cd /opt/rsa/am/utils/ rsaadmin@am87p:> ./rsautil manage-secrets -a get com.rsa.db.dba.password Please enter OC Administrator username: <enter Operations Console administrator name> Please enter OC Administrator password: <enter Operations Console administrator password> com.rsa.db.dba.password: AbcdEfgh1jklmn0pqr5tuvwxyZNote: The database password will be different for each installation of RSA Authentication Manager.
4. Use the following queries to generate a report with the token attributes and software token profiles:
rsaadmin@am87p:> cd /opt/rsa/am/pgsql/bin/ rsaadmin@am87p:> ./psql -h localhost -p 7050 -d db -U rsa_dba -c "COPY ( SELECT ipd.loginuid, iis.name identity_source,amt.serial_number token_serial_number,amt.token_shutdown_date token_expiry_date_utc,amt.token_code_length,amt.token_code_interval,tp.name profile_name FROM rsa_rep.ims_principal_data ipd INNER JOIN rsa_rep.ims_identity_source iis ON iis.id = ipd.identity_src_id LEFT JOIN rsa_rep.am_token amt ON amt.principal_id = ipd.id LEFT JOIN rsa_rep.am_sw_token_profiles tp ON amt.sw_token_profile_id = tp.id where amt.terminate_date is not null AND amt.token_shutdown_date <= '2027-02-28 00:00:00.000') TO STDOUT WITH CSV HEADER" > /tmp/SWprofileTokens_report.csv Password for user rsa_dba: <enter the com.rsa.db.dba.password string from above>This query generates a report of tokens with software token profile names that shut down before a specific expiration date.
In the example below, the date is 28 February 2027 and can be changed to any date.
loginuid identity_source token_serial_number token_expiry_date_utc token_code_length token_code_interval profile_name testadmin Internal Database 000008888979 2026-07-06 00:00:00 8 60 androidCTF rsatest Internal Database 000008888980 2026-07-06 00:00:00 8 30 Test30SecondsCTF
The report output SWprofileTokens_report.csv is saved in /tmp. You can copy the report using the WinSCP application to your local PC and view them using any text editor or spreadsheet applications.
Related Articles
Generating a report to list unassigned tokens in RSA Authentication Manager 8.x Number of Views Silent install does not create the license2.txt for customers who purchased in EMEA Number of Views Generating a Software Token Report for RSA Authentication Manager with Lifetime Extension Information Number of Views How to generate a report of registered users in RSA Authentication Manager 8.x database Number of Views Maximum Tokens Exceeded message while importing RSA SecurID software tokens to the RSA SecurID Software Token for Microsof… Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Release Notes for RSA Authentication Manager 8.8 Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager 8.8 Setup and Configuration Guide Artifacts to gather in RSA Identity Governance & Lifecycle
Don't see what you're looking for?
