This third option is a requirement whereby the users will be required to activate their own tokens, however for security reasons the company policy does not allow an activation code to sent out via email or SMS.
This option is particularly useful if you are planning to use Computer FingerPrint to protect logon to the Self-Service Console as a grace period will need to be set up in order for you still to be allowed access in order to activate the DevicePass Token.
...
Set Device Activation to do nothing as it we will be Admin who will be activating the DevicePass token on the Admin Consoleallowing a grace period, in which the end-user can activate their token.
Remove the option to allow users to request the activation code and change the contact info message to something more appropriate if you do not wish the administrator to be contacted
...
https://wiki.deepnetsecurity.com/display/DualShield6/Message+Gateways )
You can also edit the grace period notification under Customisation>Message Templates>Grace Period Notification. This is particularly useful if you are not allowed to send an activation link.
