000026345 - What are the best practices to maintenance RSA Authentication Manager 7.1. SP4

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000026345
Applies ToRSA Authentication Manager 7.1

1. Maintain correct time on the Primary and all Replicas.

?         Utilize the Network Time Protocol (NTP) if possible.

?         Server local time must be monitored at all times to ensure that there is no drift in system time.

?         If you notice that time is incorrect on the primary or any replicas, open a case with support immediately. Do not correct the time, this could lead to authentication failures.



2. Logs can be archived and deleted via the Security Console

?          Security Console ---> Administration ----. Log Management

3. Maintain the Windows Event Viewer or UNIX system logs.

?         Use the Windows Event Viewer to save and subsequently clear the Application log and System log.  

4. Replica promotion.

?         If for some reason, the Primary server fails and cannot be recovered, a replica can be nominated to become the new primary. It is extremely important to review documentation prior to promoting a replica server to become the primary server. If you have any questions on this, open a case with support immediately.

5. Maintain Windows or UNIX operating system patches.

?         Prior to making Operating System Service Pack or major release updates to your Primary and Replicas check with SecurCare Online and/or Customer Support.

6. Backup your data.

?         Use the backup feature in operation console.

?         Save the backup data on an alternate server or System.

7. Monitor logs for status of replication.

?         If you discover a replication problem, promptly address it. Contact Customer Support for assistance.

?        Monitor the Primary server system log and application log for positive messages regarding successful replication.

?        Verify the replication status

                Launch Operation Console ----> Manage Replication -----> Replication Status 


     Replication status gives the date and time of the last successful record update from Primary to Replica and Replica to Primary.


cd utils

If you are running 7.1 server = rsautil manage-rep-error -a run-script -o primary_replication_status.sql

If you are running 7.1.SP2 and greater version =rsautil manage-database -a exec-sql -U com.rsa.replication.admin -f diagnostics/primary_replication_status.sql

rsautil manage-database -a exec-sql -U com.rsa.replication.admin diagnostics/primary_replication_status.sql

The output of above command indicates ?ENABLED? for replication queues.

8. Monitor the diskspace


1.     Navigate to Program files\RSASecurity\RSAAuthenticationManager\server\logs\

Delete the log files ending with .logxxxxxx extension. Note: Do not delete any files ending with .log

2.     Navigate to Program files\RSASecurity/RSAAuthenticationManager/server/servers/<instance_name>/logs/

Remove imstrace.log file to another machine. When RSA services are started a new file will be generated.

        Delete the log files ending with .logxxxxxx extension. Note: Do not delete any files ending with .log


3.       Monitor the number of trace files:

              The .trc files are in \Program Files\RSASecurity\ RSAAuthenticationManager\db\admin\<instance_name>\bdump on all RSA servers.

a.       Monitor the number of .trc files on all RSA servers:
Cd   Program Files\RSASecurity\RSAAuthenticationManager\db\admin\<instance name>\bdump

b. Delete all .trc files

Command line: del *.trc


4.       Monitor the \bdump\alert.log file size. If it is large move alert*.log to some other machine.

5.       Restart the RSA services.  This will generate new alert.log file and new imstrace.log file.



IssueWhat are the best practices to maintenance RSA Authentication Manager 7.1. SP4
Best Practices for maintenance of Authentication Manager 7.1.SP4
Legacy Article IDa50388