RISCO Group SafeWord OTP Server User Manual

OTP Server Installation Manual

Uncontrolled when printed

© RISCO Group

14

1.5

Managing Users in Active Directory

If you already have an existing Active Directory (AD) database of users, the SafeWord Management

Snap-in allows you to use the familiar Active Directory Users and Computers (ADUC) console to assign

SafeWord tokens and SoftPINs to your existing users.

1.5.1

Assigning Tokens to Users

To assign tokens to already created users in AD:

1. Launch ADUC.

2. On the left side of the window, select the Users folder.

Note: You can choose to have users in a container other than the default Users folder. This

container is sometimes referred to as an “organizational unit” and is special because of its
security boundary. You can delegate administration of this organizational unit, whereas
administration of the default Users folder cannot be delegated. The default Users folder is
a regular container and is named Users.

3. Locate the user to whom you will be assigning a token, right-click the user’s name and select

Properties, then in the user’s Properties window click the SafeWord tab.

Figure 14: User Properties

Note: If some of your users will share a token, assign the same token serial number to each user

who will share it.

4. In the Token serial number field (found in the SafeWord tab), enter the token’s serial number,

and an optional four-digit PIN.

5. Click Apply to activate the lower portion of the window, allowing you to test the token (refer to

section 2.4.2 Testing Tokens).

6. Click OK to close the window.