000037075 - Maximum number of incorrect login attempts for RSA Authentication Manager Operations Console administrator

Document created by RSA Customer Support Employee on Mar 11, 2019
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000037075
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue

The maximum number of incorrect attempts for Operations Console access by an Operations Console administrator has been reached, resulting in the following error:



Your login information is incorrect.  Correct your logon information and try again or contact the help desk or your administrator



 



User-added image




Attempting to login to the Operations Console fails, even after changing the Operations Console Administrator's password of the same account. 

Cause

User password policies and/or lockout policies set for users in the Security Console do not apply to Operations Console administrators.



The policy for Operations Console administrators is hard-coded and cannot be changed. A login attempt by the Operations Console administrator will fail with the correct password if there have been five incorrect login attempts. 

ResolutionThe Operations Console administrator account automatically unlocks after 60 minutes.


















 
Workaround1. Add a new Operations Console administrator.
2. Restarting the Authentication Manager Admin service without restarting dependent services releases the locked account immediately:
  1. Launch an SSH client, such as PuTTY.
  2. Login to the primary Authentication Manager server as rsaadmin and enter the operating system password.

Note that during Quick Setup another user name may have been selected. Use that user name to login.



  1. Navigate to /opt/rsa/am/server.
  2. Restart the Admin service using the command ./rsaserv restart admin nodep:


rsaadmin@am81p:~> cd /opt/rsa/am/server
rsaadmin@am81p:/opt/rsa/am/server> ./rsaserv restart admin nodep
Stopping RSA Administration Server with Operations Console: **
RSA Administration Server with Operations Console          [SHUTDOWN]
Starting RSA Administration Server with Operations Console: ********************
RSA Administration Server with Operations Console          [RUNNING]
rsaadmin@am81p:/opt/rsa/am/server>
Notes

For more information, refer to 000037090 - Adding an additional Operations Console administrator fails with the error message Encrypted data could not be updated in RSA Authentication Manager 8.x.

Attachments

    Outcomes