Resynchronize an Authentication Device

If the user’s authentication device has generated more passwords than the number specified as the maximum number of tries allowed (without successfully sending the passwords to the server), then you must help the user resynchronize the device.

Note: The Synchronize options are different in the Administration Console and the Web Help Desk; the Counter field might not be available. See below for instructions on enabling the Counter field.
  1. In the tree in the left pane of the Administration Console, select Help Desk, then search for a user via the drop-down list of LDAP queries. Optionally, enter a User ID or Device serial number in the appropriate field.

  2. Select the user from the Search Results display, then click Help Desk.

  3. Click Resynchronize.

    Note: Mini Token Clock Values: The Clock field is only available for ActivID Mini Token AT and OT. It is not available for ActivID Mini Token AE and OE. You can only resynchronize with a password.
    Note: Counter Values: By default, the Counter field is disabled to avoid damage to the device data. To resynchronize with a device’s Counter value, enable the field by setting the registry key HKEY_LOCAL_MACHINE\SOFTWARE\ActivCard\ActivPack\ActivPackAdmin\EnableDeviceCounterResynchronization to 1. For further information, contact HID Global technical support.
    Note: Resynchronization with counter values is not available or Soft Token v2 TOTP.
    Note: AAA Server registry keys on 64-bit platforms use the root path: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ActivCard\
  4. To resynchronize using a password, ask the user generate a password with the device.

  5. Enter it in the Password field, then click OK.

    • If the device is not too far out of sync with the AAA Server, then the AAA Server successfully resynchronizes with the device.
    • If the device is too far out of sync with the server, then the user must give you the device’s current clock value.

  6. To resynchronize with the device clock value, ask the user to give you the device’s clock value.

    Users can refer to device documentation for instructions on how to view the clock value. If the user is authenticating with an ActivID USB Key, you can retrieve the values with ActivID Gold or ActivClient utilities.

  7. Enter the value in the Clock field and click OK.