000028895 - RSA Authentication Manager has stopped authenticating users when using an evaluation license

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support on Aug 26, 2019
Version 5Show Document
  • View in full screen mode

Article Content

Article Number000028895
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager 
RSA Version/Condition: 8.x
IssueRSA Authentication Manager has stopped authenticating users.
ResolutionThe RSA Authentication Manager license is made up of six files where the XML file name is made up from the purchase order (PO) and date of issue.  For example,

User-added image

Opening the XML will reveal the structure of the license and if there is a section called license:strategy id="expirationstrategy then the license is an evaluation license. Moreover, the section <license:property name="expires"> shows the expiry date.  For example:

<license:strategy id="expirationstrategy" name="Expiration Date">
    <license:className>com.rsa.ims.license.strategies.ExpirationTimeStrategy</license:className>
    <license:classVersion>1.0</license:classVersion>
    <license:strategyData>
      <license:property name="expires">2015.01.07</license:property>
    </license:strategyData>
  </license:strategy>


Check the license by logging in to the primary's Security Console and navigating to Setup > Licenses > Status:

User-added image


Viewing the installed license will also show an expiration date:
User-added image


When the expiration date in an evaluation license is met the RSA Authentication Manager instance will no longer listen on the 5500/UDP and this means the Authentication Manager instance can no longer process authentications. Access to the Security Console will still be available allowing an administrator to remove the expired evaluation license and install a new production license.

After replacing the evaluation license with a production license, please reboot the server via the Operations Console (Maintenance > Reboot Appliance) to restart the SecurID Appliance running RSA Authentication Manager software. Alternatively the RSA Authentication Manager 8.1 services can be restarted by launching an SSH session to the primary, logging in as the rsaadmin user and running the following command:


/opt/rsa/am/server/rsaserv restart all

Attachments

    Outcomes