Troubleshooting guide

A: Migration Data Conversion 95

RSA Authentication Manager 6.1 to 8.1 Migration Guide

A Migration Data Conversion

Conversion of Migrated Data

The following table describes how different types of data are migrated.

Data Migration Result

LDAP synchronization jobs Records with direct LDAP associations, like users and

groups, are verified to ensure they exist in the identity

source. Records with no LDAP associations are created in

the internal database if requested.

User data User data is migrated, including the following:

• The name of the RADIUS profile, if any assigned.

• Cross-realm association, if any.

• Logons with domain name. The name may be converted

from NTLM to UPN.

A user’s attributes are not migrated if the user’s security

block is empty. The security block holds the Windows

logon password and emergency access password, which

are both used for SecurID for Windows.

PIN data PINs are migrated.

Expiration dates for PINs are not migrated. If you want to

set expiration dates for migrated PINs, see the Security

Console Help topic “Edit a Token Policy.”

Site data Sites are migrated to security domains.

Group data Groups are migrated to user groups. In version 6.1, groups

may contain LDAP and non-LDAP users. Migration

creates parallel groups for LDAP and non-LDAP users.

Group access restrictions are also migrated.

In version 6.1, an administrator can be scoped to a specific

group. The association between an administrator and a

group is not migrated.

User to group membership data Group memberships are migrated to user group

memberships. Other group membership data, such as the

group alias and shell data is also migrated.

Agent to group activation data Group activations on authentication agents are migrated.