000030727 - RSA Authentication Manager 8.1: Moving the Virtual Appliance from one ESX host to another

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000030727
Applies ToRSA Product Set : SecurID
RSA Product/Service Type : RSA Authentication Manager
RSA Version/Condition: 8.1 Service Pack 1
Platform : SUSE Enterprise Linux
O/S Version : 11 Service Pack 3
Product Description : SecurID Appliance
 
IssueThere is a requirement to move the RSA Authentication Manager 8.1 virtual appliance from one ESX host to another, perhaps because the VMware environment is being upgraded.
ResolutionThe RSA Authentication Manager 8.1 software knows the hardware (or virtual hardware) it is installed on so moving the virtual appliance from one ESX host to another (with regards to a VMware environment) will cause a problem with the authentication manager fingerprint. The most common change is the MAC address of the virtual network card.
 
After moving the virtual appliance an administrator is required to use the command :
rsautil manage-secrets –a recover
NOTE: The Operations Console administrative username and password are require to use this command. 
Usage:

  1. Use the rsaadmin account to logon to the operating system hosting the authentication manager instance
  2. Navigate to the /opt/rsa/am/utils folder
  3. Use the command : ./rsautil manage-secrets –a recover
Example:
rsaadmin@app81p:/opt/rsa/am/utils> ./rsautil manage-secrets -a recover
Please enter OC Administrator username: ocadmin
Please enter OC Administrator password: ***********
Machine fingerprint restored successfully.
rsaadmin@app81p:/opt/rsa/am/utils>


  1. Stop the authentication manager 8.1 services with the command: /opt/rsa/am/server/rsaserv stop all
  2. Start the authentication manager 8.1 services with the command: /opt/rsa/am/server/rsaserv start all

Attachments

    Outcomes