This third option is a requirement whereby the users will be required to activate their own tokens, however for security reasons the company policy does not allow an activation code to sent out via email or SMS.
This option is particularly useful if you are planning to use Computer FingerPrint to protect logon to the Self-Service Console as a grace period will need to be set up in order for you still to be allowed access in order to activate the DevicePass Token.
Device Activation Options
Set Device Activation to do nothing as we will be allowing a grace period, in which the end-user can activate their token.
Remove the option to allow users to request the activation code and change the contact info message to something more appropriate if you do not wish the administrator to be contacted
Set Device activation method to 'Send Activation Code to the user when created or asssigned'
Grace Period Options
Set an appropriate time frame for the grace period
The Grace period applying to the first token only is optional
Sending a Grace Period Notification is also Optional but useful. Depending on what message gateways have been set up you can apply different delivery channels.
(Please refer to the following wiki page to set up message gateways
https://wiki.deepnetsecurity.com/display/DualShield6/Message+Gateways )
You can also edit the grace period notification under Customisation>Message Templates>Grace Period Notification. This is particularly useful if you are not allowed to send an activation link.
