Thank you very much for this - it helped fix a similar issue for us.
Would you know if it is possible to grant a securetoken to a user that
has no password? ie: most of our users are SmartCard only and we cannot
get past the "enter password for 'user...