We cannot program Defender soft token to any AD user.

 When trying to program a soft token we recieve an error message : Unable to program token.

After refreshing the AD Defender - token contaner it's appear that that the token have been created but cannot be assign.also user has not recieve any mail concerning soft token actication number

Parents
  • Hi Martial,

    What version of Defender are you using?

    When you installed Defender, did the account used for installation have the required group memberships of Domain Admins, Schema Admins, and Enterprise Admins?

    - If not, please re-run the Defender installation with an account that has the above group memberships

    Is the service account a member of Domain admins? if not, please make sure that the service account is a local admin on the server that has the Defender Management portal installed and also delegate AD permissions as per the KB article below:

    https://support.oneidentity.com/kb/4292085/how-to-run-the-delegation-wizard-and-delegate-defender-permissions

    Thanks!

  • Hi Tawfiq

    thanks for your reply.

    The service account is member of all the require AD group and also memeber of local Administrtor group.

    When configuring the service account on the management portal I got this error

    ErrorUnable to validate the System Service Account user's logon privileges (Accès refusé). Please ensure that
    you have the correct rights to perform this action.

    Unable to modify the file security for the reports configuration file (Attempted to perform an unauthorized operation.). Please ensure that the System Service Account has read access.
    Configuration

Reply
  • Hi Tawfiq

    thanks for your reply.

    The service account is member of all the require AD group and also memeber of local Administrtor group.

    When configuring the service account on the management portal I got this error

    ErrorUnable to validate the System Service Account user's logon privileges (Accès refusé). Please ensure that
    you have the correct rights to perform this action.

    Unable to modify the file security for the reports configuration file (Attempted to perform an unauthorized operation.). Please ensure that the System Service Account has read access.
    Configuration

Children