|Applies To||RSA Product Set : SecurID|
RSA Product/Service Type : RSA Authentication Manager
RSA Version/Condition: 8.1
|Issue||Customer has a requirement to generate a report from CLI for users who have not logged in for a specific period of days to RSA AM 8.1|
|Tasks||Download and install an SSH Client for connecting remotely to RSA server for accessing the operating system.|
To log on to the appliance operating system using Secure Shell (SSH), SSH must be enabled
1. In the Operations Console, click Administration > Operating System Access.
2. In the SSH Settings section, select the checkbox for each NIC on which you want to enable SSH. If you have multiple NICs configured, you can enable SSH on more than one NIC.
3. Click Save.
|Resolution||Steps at the command line to generate a a report from CLI for users who have not logged in from a specific period of days to RSA AM 8.1|
1. Logon to the SecurID Appliance either with an SSH session or at the local console with the rsaadmin account
2. Navigate to the /opt/rsa/am/utils folder as the rsaadmin user
3. Retrieve the password for the rsa_dba user using the following command:
/opt/rsa/am/utils/rsautil manage-secrets -a get com.rsa.db.dba.password -u <OC_Admin_Name> -p <OC_Admin_Password>
NOTE: the appropriate method would be to create a read-only user for database access. Remember to replace <OC_Admin_Name> and <OC_Admin_Password> with the appropriate Operations Console administrative account details.
4. Create a text file in the /opt/rsa/am/utils folder with an appropriate name, for example; UserlastLogin.sql
5. Copy the SQL statement below into the text file and save the change
Select LOGINUID,SERIAL_NUMBER,LAST_LOGIN_DATE from AM_TOKEN_OOB,AM_TOKEN, IMS_PRINCIPAL_DATA
6. In the /opt/rsa/am/utils folder use the following command to generate a CSV output file using SQL script by name UserlastLogin.sql
/opt/rsa/am/pgsql/bin/psql -h localhost -p 7050 -d db -U rsa_dba UserlastLogin.sql -o UserlastLogin.csv
7. When prompted enter the password obtained from step 3
8. Review the file UserlastLogin.csv
|Notes||Contacting RSA Customer Support|