Are there any issues with disabling TLS 1.0 on the Wetier server? We're running 8.4 patch 11 and the Webtier is running Windows OS. If we disable TLS 1.0 on just the Webtier, will this affect the primary auth manager and replicas?
I have some users requesting to register the app on another device. Can they register the app on multiple devices? If so is this a security risk other than the user losing it or having their device stolen?
I am trying to add multiple user aliases to an account (around 50 - 100) Using the GUI I am only able to add one at a time. To save some time and for future edits, we are trying to do this using the API. I have found documentation on editing a user but no attribute for the Alias.
OK In the Dev guide see Class AMPrincipalAliasDTO This data transfer object (DTO) is used to specify an alias user ID for an existing Authentication Manager principal and optionally the location of a shell that will be set upon a successful logon of the user with the alias user ID. One or more aliases can be set for a user using the…
What options are available to customize the "Critical Event Notifications" that are generated by the Authentication Manager server? Right now all events are sent with the subject of "Critical Event Notification" which has caused confusion with our on-call engineers as not all alerts are the same (low tokens, LDAP connection, backup failed, etc.).…(Show moreShow less)
Currently there is no option to customize the critical event notifications. Following RFE has already been submitted. RFE- Allow Critical System Event Notifications to be customized : AM-28329 Regards, Bharath Madhiraju
Hi, Can someone please help me with below situation, We have a Citrix external gateway with RSA Secure ID as 2FA for user authentication and in our current Citrix external logon page users need to input Domain name + User name in user name field. i.e 'Domain\UserName' We have configured and removed Domain name input from Citrix Netscaler…(Show moreShow less)
Your incoming usernames must be firstname.lastname@example.org. If you are just sending the short name 'joeuser', RSA AM server doesn't have a way to add @domain.com to the user automatically. options You could set up login aliases for the users, and apply those to agents that are not sending the domain name across. So, set up an alias 'joeuser' for…
Can more information be provided on this activity - AUTHMGR_AGENT_LINK_APSLIST Agent Link Agent Protocol Server List. The events are from a SYSTEM admin login but why these logs are generated ? is it routine server list update for agents ?
I have a replica site that stopped reporting to the primary. In the Replication Status Report, it shows that the Instance is Offline. I have rebooted it and still no avail. There is an option to delete the instance which I did. How do I add it back as a replica site so that my primary recognizes it?
often it is worth troubleshooting a offline replica, there are replication logs in /opt/rsa/am/server/logs and there is a procedure to force the replica [Synch] button, which transfers the whole primary database to the replica. Sometimes a firewall rule is changed to prevent replicas and primaries from communicating on TCP 7002 and other ports. …