If you received a new batch of SecurID tokens they will not have the same token serial numbers as your existing tokens and you can import them with no issue. The option to ignore duplicates is the safer option but there will be times when you need to overwrite duplicates. More information is below.
If tokens have been accidentally removed from your Authentication Manager 7.1 install, you can import them again via the Security Console by following the steps below. To import new tokens into the database, also follow the steps below.
3. Browse to the token seed xml file you received from RSA or from your reseller. Depending on the type of token you received you may have the addition step of decryping the token to access the token xml file. The the token file name should be in the format of nnnnnn-nn-n_TOKEN.xml, where n is a number.
We are facing issue regarding software token. When we try to add software token in RSA software (Windows) it will give an error "Token import failed. Duplicate token" but token is still usable. Kindly find the attached screenshot and help us to find why we are getting duplication error.
RSA provides an XML file that contains the token records that your organization has purchased. Before you can work with individual token records, you must import the token record XML file into Authentication Manager. All imported tokens are automatically disabled until the tokens are assigned by an administrator. Only enabled tokens can be used for authentication. This security feature protects the deployment if the tokens are lost or stolen.
For software tokens, token record data will eventually be transferred into a software token application. Each token record contains the token seed and metadata such as the token serial number, expiration date, and the tokencode length and interval.
If you import the same XML token record file twice, for example, because you accidentally deleted a token from the database, when you re-import the XML token record file containing the deleted token, the other tokens will be duplicates. You can choose to handle duplicates in one of two ways:
I have a question I know this was posted many times but I didn't find an answer to my problem. The problem is that I have a table and a column "id" I want it to be unique number just as normal. This type of column is serial and the next value after each insert is coming from a sequence so everything seems to be all right but it still sometimes shows this error. I don't know why. In the documentation, it says the sequence is foolproof and always works. If I add a UNIQUE constraint to that column will it help? I worked before many times on Postres but this error is showing for me for the first time. I did everything as normal and I never had this problem before. Can you help me to find the answer that can be used in the future for all tables that will be created? Let's say we have something easy like this:
By design, FortiTokens (except the hardware FortiToken-211 and FortiToken-300 series) are always linked to the serial number of the unit on which they are activated. In any situation where tokens are moved to another unit, the Token license (Mobile Tokens) or Token seed (Hardware Tokens) needs to be transferred and manually added to the new unit.
Note: If a migration involves moving from a VM to another VM (FortiGate VM to FortiGate VM, or FortiAuthenticator VM to FortiAuthenticator VM), and the VM serial number stays the same, the below is NOT required; the configuration simply needs to be migrated in full. The steps following below are necessary when the device's serial number changes!
If FortiToken Mobile licenses need to be moved, this is done via a ticket to Fortinet Customer Service; the ticket should include the old and new device's serial numbers, along with the FortiToken license serial number itself.If hardware FortiTokens are moved, this can be done by Technical Support through a ticket as well; the ticket needs to include the FortiToken serial numbers in question.
6) Paste the modified 'config user local' lines; they should be interpreted as proper CLI commands and recreate the local users (including passwords) Alternatively, to import only the user list, the whole 'config user local' part can be extracted and in a text editor remove the lines containing 'two-factor' and 'fortitoken' and to import them via CLI. The usual local user with an assigned token is in the following format:
Note: the lines with 'two-factor and 'fortitoken' need to be stripped because FortiTokens cannot simply be migrated as part of the FortiGate configuration, due to the licence/seeds being bound to the old serial number and needing to be associated with the new serial number first.
RSA SecurID is a multi-factor authentication technology that is used to protect network services. The RSA SecurID authentication mechanism consists of an assigned hardware or software "token" that generates a dynamic authentication number code at fixed intervals. Users provide the unique number code when logging into a protected service from any network outside the State network.
What is a Token Passcode?For a Software Token, your Token Passcode is the eight-digit number generated after entering your PIN on the RSA App. On your Soft token, the passcode refreshes every sixty seconds. If you have difficulty logging in after providing the passcode, ensure the correct PIN was entered.
For a Software Token, your Token Passcode is the eight-digit number generated after entering your PIN on the RSA App. On your Soft token, the passcode refreshes every sixty seconds. If you have difficulty logging in after providing the passcode, ensure the correct PIN was entered.
When you open the Yubico OTP settings (under Applications), you may generate a new "Public ID", "Private ID", and/or "Secret Key", but these are not written to the token unless you actually click the Finish button. There is no way to read your existing "Public ID" (if you did not use the device serial), "Private ID", and "Secret Key" information off the token once it has been written.
You will need the Public ID (which is the token serial number if you checked the "Use serial" box earlier), Private ID, and Secret key to add the YubiKey to your Duo account. You may also want to save this information, along with the Public Identity, somewhere safe since you will need them if you use this YubiKey with other services in the future.
You can see the serial number (004524654257), manufacturer, and model on the first row, and you can see the name of the associated Azure AD device (named with the serial number) toward the bottom right). If you click the Associated Azure AD device link (blue text), you can see the actual Azure AD device object:
You can apply filters to the list of hardware tokens so that it is easier to see specific tokens. You might do this after you import a large number of hardware tokens if you want to see only specific tokens in the list, such as unassigned tokens or tokens that have a specific status.
If devices in Device42 have duplicate serial numbers, only one of these devices will be successfully synced to Freshservice. The rest will fail to be synced and the overall sync status will be set to failed. This is due to Freshservice not allowing assets with duplicate serial numbers. In the sync log of the Device42 Freshservice app, you will see an error like the following:
A more complete automation is the following Windows Autopilot cleanup script (optionally with the parameter to cleanup the Intune device objects as well). It runs the Autopilot cleanup function, then starts the Autopilot Sync to your tenant, and does a re-check if all the device serial numbers are deleted from your tenant.
Hi Oliver you have been a savior with this script. i deleted the modules and reimported them. We are also working off a filtered network so that may have been an issue as well. Once i deleted the module and re imported them the script seems to be working correctly. The only issue i am getting is a 504 gateway timeout and that may be that i have too many serial numbers trying to delete. Thank you Thank you for this. This saved me from deleting them 1 by 1. keep up the great work and thanks again.
Hi is there any way to change the group tags of already enrolled devices using a csv with multiple serial numbers only? We have many enrolled and assigned to a group tag but we need to change hundreds of them. It will be too time consuming to change the group tags 1 by 1. Thank you so much
hmmm, interesting. How many devices are you trying to delete? did you try to lower the batchMaxCount from 20 to maybe 10 just to see if this has an effect? The request status 400 seems like the serial number maybe no found. Maybe a formatting issue in the CSV?
Keep in mind if they are already joined in Azure you may have to manually delete them from there first. For some reason i get a 400 error unless they are deleted.. Once delete from Azure i copy paste all my serial numbers in the csv, 2b1af7f3a8