RSA Soft Tokens for RME -

getwithrob
Level 3

Does anyone know if RSA has a soft token available that can be installed and used on RME to perform configuration backups when telnet is the protocol used?

Joe Clarke
Cisco Employee

RME does not have any plug-ins for RSA tokens at this time. However, there is a feature called job based passwords that you could use in conjunction with an RSA token generator. It won't allow you to do automated jobs (unfortunately), but it would definitely let RME operate in an OTP environment.

When you say "automated jobs", are you referring to the scheduled daily backups RME performs?

Yes. Job based passwords allows you to archive configs or deploy changes using ad hoc manually scheduled jobs, but automated jobs are not possible since token generation cannot happen dynamically.

Help me understand "User Configurable"

RME 3.5-

Under RME > Administration > Configuration Mgmt > Configuration Job Setup, Password Policy tab

I currently have the Enable Password policy check box selected so that when running Netconfig jobs, you have to enter a valid ID and password...

Also, please expand on what you stated above in "using in conjunction with an RSA token generator. It won't allow you to do automated jobs (unfortunately), but it would definitely let RME operate in an OTP environment".

RME will not generate a token for you. You will have to type in the current token at the time you schedule the job. This password will then only be good for that job. Therefore, scheduling jobs to run in the future or repeatedly is not supported with job-based passwords (at least not OTP).

That's the way you should have it for RSA-based rotating token device access. If you select User Configurable the user has the option when creating the job to use or not use Job Based passwords. If they choose not to use JBP, then RME will use the credentials it has in its database when communicating with the device(s).

You say "This password will then only be good for that job". What if I have a Netconfig job that is set up to issue a command on 50 IOS based switches?

So you're saying I will only need to enter the digits displayed on the token and it will telnet to those 50 devices and enter the command on 50 devices with the same token password?

This will also not work in the OTP RSA case. Since the RSA token is only good for one login on one device for a period of 60 or so seconds, this will force you to create 50 jobs (for the above example). This is clearly non-optimal.

There had been some talk about somehow improving this, but I'm not sure how feasible that would be unless we had some kind of token generator in CiscoWorks as you suggest. And I'm not sure how feasible THAT would be. Certainly this would be something to drive with your account team. Perhaps they can build a business case and PERS for this feature.

Gotcha.

Thanks for your input. I have a call into RSA and I'll let this forum know what comes out of it....