Notes

Recently, I accidentally deleted the information which hardware token is assigned to which user in ESET Secure Authentication (ESET SA).

Luckily, there is a log file (%ProgramData%\ESET Secure Authentication\logs\EsaCore.log) which states which token was revoked from which user:

One problem is that it doesn't state the usernames but the GUID. The next problem is that the GUID mentioned in the log file is not the GUID stored in Active Directory.

I found out that ESET SA stores its data in a SQLite database. I opened the file %ProgramData%\ESET Secure Authentication\db\Users.db using SQLite Database Browser. With this file, I found out which GUID is associated to which AD user and could re-assign most of the tokens to its users.