Clicking the Edit button opens up a page listing the token owner UID, the token CUID, the token status, and the token policy. Agents can edit one field for a token in this page, setting the policy that is in effect.
The two supported token policies are RE_ENROLL, which allows a user to re-enroll certificates with the same token, and PIN_RESET which allows the token user to initiate a PIN reset operation. The values for both of these are either YES or NO. Both policies can be set by separating them with a semi-colon. For example, to allow the user to reset his PIN but to disallow re-enrolling with the same token, the policy would be as follows:
RE_ENROLL=NO;PIN_RESET=YES
NOTE
If the PIN_RESET policy is not set, then user-initiated PIN resets are allowed by default. If the policy is present and is changed from NO to YES, then a PIN reset can be initiated by the user once; after the PIN is reset, the policy value automatically changes back to NO.
More token information can be modified through the Administrator Operations tab.