Chapter 3: Active Directory Management
Assigning tokens to users
48
4
Click
Apply
or
OK
. The PIN is now required each time this user
authenticates using passcodes generated with the assigned token.
5
If the user does not require a PIN, simply clear the existing PIN from the
field labeled
PIN (appended to their token passcode)
.
Resynchronizing Hardware tokens
There are occasions when a SafeWord token will get out of synchronization
and its generated passcodes will not function properly. If this occurs, you will
need to resync the token. To resync a token, do the following:
1
In ADUC, select the
Users
folder on the left side of the window.
2
Right-click the user
whose token you need to resync, then select
Properties
.
3
Click the
SafeWord
tab.
4
In the Token Maintenance area, click the
Re-sync...
button to display the
Re-synchronize token window, then enter two sequential token passcodes
(plus appended PINs, if assigned), and click the
Re-sync
button.
Searching for unassigned tokens
To search for unassigned tokens, do the following:
1
In ADUC, expand the
SafeWord
node in the left pane.
2
Click the
Tokens
icon.
Token serial numbers and assigned users appear in the right pane. Unas-
signed tokens appear with
[Not Assigned]
under the Assigned to User list.
Finding users associated with specific tokens
To use SafeWord 2008’s included Search utility to help you find the users and
their tokens, do the following:
1
In ADUC, expand the
SafeWord node
in the left pane, and select the
Search
node.