Fully Resynchronize High Availability Tokencodes

Document created by RSA Information Design and Development Employee on Jul 27, 2020Last modified by RSA Link Admin on Sep 18, 2020
Version 2Show Document
  • View in full screen mode

Most High Availability Tokencode processing occurs automatically, but you might need to reset or fully resynchronize the High Availability Tokencode records, for a number of reasons, including:

  • You have changed your company account in the Cloud Authentication Service and you need to connect to the Cloud Authentication Service again.
  • Authentication Manager adds an external identity source that is also synchronized to the Cloud Authentication Service.
  • Tokencode records were not updated because Authentication Manager could not locate one or more users in the identity source, and now the issue has been resolved.
  • Tokens were accidentally deleted by an administrator, and now the High Availability Tokencode records are needed in Authentication Manager.

You cannot resynchronize a single user. You must update all of the records.

Before you begin 

You must be an Operations Console administrator, and have the rsaadmin password.

Procedure 

  1. Log on to the appliance with the User ID rsaadmin and the operating system password that you defined during Quick Setup:
    • On a hardware appliance, an Amazon Web Services appliance, or an Azure appliance, log on to the appliance using an SSH client.
    • On a VMware virtual appliance, log on to the appliance using an SSH client or the VMware vSphere client.
    • On a Hyper-V virtual appliance, log on to the appliance using an SSH client, the Hyper-V System Center Virtual Machine Manager Console, or the Hyper-V Manager.
  2. Change directories to /opt/rsa/am/utils. Type:

    cd /opt/rsa/am/utils/

    and press ENTER.

  3. Authentication Manager uses the sync marker time attribute as the timestamp for the last synchronized token record in the Authentication Manager database. Resetting this value to 0 prompts Authentication Manager to synchronize all of the token records. Type:

    ./rsautil store -o admin -p password$ -a update_config auth_manager.cas.authentication.ha.seed_sync.marker_time 0 GLOBAL

    Where admin is name of an Operations Console administrator and password is the Operations Console administrator's password.

  4. Press ENTER.

 

 

 

You are here
Table of Contents > High Availability Tokencodes > Fully Resynchronize High Availability Tokencodes

Attachments

    Outcomes