I want to get a report of all users whose tokens are in "lost status" from RSA. Is this do-able?
Asked
Active
Viewed 1,298 times
3 Answers
1
If you're referring to SecurID tokens, then the RSA Authentication Manager application includes this functionality. From the Token menu, chose "List tokens..." and then in the list section choose "All lost tokens". You can generate the list to screen or to a file.
You can also do this in the web administration interface if you have that set up, by searching on token status.
William
- 1,158
- 8
- 9
0
I do not have any tokens marked as lost to test against, but building out the report this way should work.
From the Security Console, create a new report with the following settings:
Select Template -> "Users with Tokens"
Select Output Column -> "Users"
Select Input Parameter -> "Identity Source" = your_ID_source
Select Input Parameter -> "Lost Token" = "true"
Scott Pack
- 14,907
- 10
- 53
- 83
0
In a Public Key Infrastructure when a key is lost or stolen then it is placed on a black list which everyone has to check to make sure that the certificate is still valid. OCSP is the protocol that is commonly used to support a Recovation List
This is how you query an OCSP server from the command-line using the OpenSSL tool chain.
openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem
-issuer demoCA/cacert.pem -serial 1
Rook
- 2,655
- 6
- 27
- 35