The following is a command-line utility to extract the list of all tokens created in a Mi-Token instance.


Download the zip file and unzip it in any server's directory where the Mi-Token RADIUS plugin or API Service is installed.


In your server, go to the installation directory of the RADIUS Plugin or API Service, for instance:


C:\Program Files\Mi-Token\RADIUS Plugin\ADAM Install Logs\ 


Inside, there will be at least one directory named after the timestamp of the moment where the software was installed. If you have upgraded or repaired the installation, you will see more directories. Browse the oldest one.


For instance:

C:\Program Files\Mi-Token\RADIUS Plugin\ADAM Install Logs\2020-12-13 19.09.42



Inside you will find a log.txt file.



Open it and look for the following line:


DEBUG MiToken.ActiveDirectory.Library.DirectoryUtils - getting attributes from CN=NTDS Settings,CN=ADSERVER$Mi-Token,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,CN={C1B9B15D-A138-420F-AC22-9F065F5EEDB5}


ADSERVER would be replaced with your server's name.

C1B9B15D-A138-420F-AC22-9F065F5EEDB5 is the ID of your installation. It will vary on your server, copy it (without the braces) and save it for the steps below.


Using the Files Browser window, go to where the reporting tool unzipped files are and edit the MiTokenTokensReport.exe.config file.



The config file is an XML formatted file. Look for the <appSettings> tag:



For the tokenPath key, replace adserver with your server's name, and C1B9... With the instance ID you got from the installation log files.


For the contextDomain key, replace its value with your context domain name.


The reporting utility will extract the information of all tokens found, including temporary ones. If you wish to exclude temporary tokens, set the omitTemporaryTokens key to true (default). Otherwise, change it to false.


Confirm your changes and save the file.


Open a command-line window with an account with Domain administration privileges, and navigate to the directory where the unzipped files are. For instance:



Run the Tokens Report extraction tool: MiTokenTokensReport.exe:



The program will create a CSV file named after the date and time it was when the program was run, for example:



The file contains the list of existing tokens up to the time it was run, with the following columns:


  • Token Id
  • User Assigned to
  • Description
  • Assigned Date
  • Last changed


This is a sample of the contents of the output file:



The files are created in the same directory as the executable file.


The program requires that each user account has the UPN field defined. If the program finds any user account without that datum, it will be reported and listed as part of the output of the program, as shown below:



To include those users' tokens in the report, define the UPN for the reported accounts and run the program again.


The MiToken_tokensReport_ignoreDisabledUsers.zip ignore Disable Users if the parameter is setting “true”, run this version only if you want to use this feature.