000031695 - How to delete duplicate aliases after migrating from RSA Authentication Manager 6.1 to version 8.1

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000031695
Applies ToRSA Product Set:  SecurID
RSA Product/Service Type:  Authentication Manager
RSA Version/Condition:  8.1
IssueAfter migrating from Authentication Manager 6.1 to Authentication Manager 8.1 the users may have duplicate aliases which are the same as the user IDs. This shouldn't cause any issues, but makes it hard to manage aliases as many of them are not actually needed. 
Resolution
To list and/or remove duplicate aliases from the database, follow the steps below:
As a precaution, take a backup of the database via the Operations Console (Maintenance > Backup and Restore > Backup Now) before continuing.
1.  Connect to the primary Authentication Manager server via SSH, vSphere or a direct connection.  
2.  Login as rsaadmin.
3.  Navigate to /opt/rsa/am/utils.
4.  Run the following command to get the database administrator password:
# cd /opt/rsa/am/utils
#./rsautil manage-secrets -a get com.rsa.db.dba.password
Please enter OC Administrator username: <enter Operations Console administrator user name here>
Please enter OC Administrator password: <enter Operations Console administrator's password here>
com.rsa.db.user.password: <output of request for com.rsa.db.dba.password>

5.  Connect to the database using the database admin's password captured above:
# cd /opt/rsa/am/pgsql/bin/
./psql -p 7050 -h localhost -d db -U rsa_dba
Password for user rsa_dba:  <enter database password captured in step 4>
psql.bin (9.2.4)
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
Type "help" for help.
db=>

6.  To list the duplicate aliases, run the following query:
db=> SELECT * from am_principal_alias WHERE alias_name=(SELECT loginuid FROM ims_principal_data WHERE id=principal_id);

7.  To delete all the duplicate aliases, run the command below.  
db=> DELETE FROM am_principal_alias WHERE alias_name=(SELECT loginuid FROM ims_principal_data WHERE id=principal_id);


 

Attachments

    Outcomes