Assign Devices from the AAA Server Administration Console

  1. Right-click on the icon for the device that you want to assign to a user, then select Assign from the menu.

  2. Select either Group or the LDAP query.
  3. Select a value from the drop-down lists in either the Select group or the Select query fields.

  4. You do not have to define the User ID field unless you want to filter more specifically within a large group of users.

    5. Note: To set a more specific filter for users within a group or within an LDAP query, enter a value in the User ID field. Use “*” before and/or after your string to match any other characters. Use LDAP syntax.
    Note: HID Approve devices cannot be assigned as they are specific to the device on which they were generated. Because of this, the Assign button is unavailable in the Device Assignment window for HID Approve devices.
  5. Click Search. The users matching your selected group or query are displayed.
  6. Select a user, then click Assign. The device serial number immediately is displayed next to the user’s name.

  7. If you are assigning a Mini Token and the PIN policy requires a PIN code to be set during assignment, you are now prompted to set the PIN code.

  8. Enter and confirm the required PIN code, then click OK.

  9. Communicate the PIN code and policy requirements (before or after the OTP) to the device owner.

    For the Mini Token PIN policy settings, see Configure the Synchronous Authentication Counter.

  10. AAA supports assigning multiple devices to the same user. To do this, repeat these steps after choosing a different device in step 1.

    To assign multiple devices to users, you must map a multi-valued LDAP field to the device serial number in the AAA Administration Console Tools, Options, LDAP screen, as described in Configure the Connection to LDAP. For further information on how the AAA Server interacts with LDAP directories, see LDAP Directory.