000017327 - An administrator cannot access the RSA Operations Console and/or RSA Security Console

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000017327
Applies ToRSA Authentication Manager 7.1 Service Pack 4
RSA SecurID Appliance 3.0 Service Pack 4
RSA Security Console
RSA Operations Console
rsautil
IssueAn administrator cannot access the RSA Operations Console and/or RSA Security Console
Resolution

During the RSA SecurID Appliance 3.0 quick setup or RSA Authentication Manager 7.1 SP4 software installation the administrator/installer would have been prompted to provide a username, password and confirm the password. These credentials are used to create an administrative account for the RSA Operations Console, an account with a super administration role for the RSA Security Console and the Master Password. Over time a password policy will request a new password for the account with the super administration role for the RSA Security Console but the other credentials do not change unless purposely changed by an administrator.


 


Web interfaces for RSA Authentication Manager 7.1/RSA SecurID Appliance 3.0


 


RSA Operations Console https://<fully-qualified hostname>:7072/operations-console or https://<ipaddress>:7072/operations-console


 


RSA Security Console https://<fully-qualified hostname>:7004/console-ims


 


Self-Service (after configuring self service via the RSA Security Console) https://<fully-qualified hostname>:7004/console-selfservice


 


Only the RSA Operations Console can use the IP address whereas the other web interfaces must use the fully-qualified computer name in the Uniform Resource Locator (URL).


 


IMPORTANT NOTE: some rsautil commands used at the command line for troubleshooting require the Master Password so please ensure you have this password available.


 


 


RSA Operations Console administrative account


 


For managing the RSA Operations Console administration accounts you would refer to Manage Operations Console Administrators Utility - Appendix D: Command Line Utilities (page 272) - RSA Authentication Manager 7.1 Administrator?s Guide (revision 1)or RSA Authentication Manager 7.1 Administrator?s Guide (revision 3) - refer to page 299.


 


At the command prompt, navigate to the <AMHOME>\utils folder and then update the password of the RSA Operation Console administrator account (or create a new RSA Operation Console administrator's account).


 


Example:



  

 


  

./rsautil manage-oc-administrators --action update rsaadmin <new_password>


  

Super Administrator's name: rsaadmin


  

Enter Super Administrator's Password: ***********


  

User 'rsaadmin' updated successfully.


  

 


  

 


 


Information on the RSA Security Console administrative account


 


For managing the RSA Security Console administrative account you would refer to the Chapter 10: Disaster Recovery (page 222) of the RSA Authentication Manager 7.1 Administrator?s Guide - page 224 covers the instructions require to create a temporary admin account for the RSA Security Console.


 


At the command prompt, navigate to the <AMHOME>\utils folder and then update the password of the RSA Security Console administrator account (or create a new temporary admin account for the RSA Security Console).


 


Example:



  

 


  

./rsautil restore-admin --admin tempadmin --password <new_password>


  

Enter master password: ***********


  

 


  

A temporary admin will be created with user ID 'tempadmin'.


  

Are you sure you want to continue? (Y/N): y


  

 


  

Admin created successfully.


  

 


  

*****************************************************************************


  

 


  

Note


  

 


  

    1) The 'tempadmin's console access will expire on Sat Oct 29 15:24:33 EST 2011.


  

 


  

    2) Console authentication policy is changed to RSA_Password/LDAP_Password. In order to make the policy change effective please flush the cache through operations console.


  

 


  

*****************************************************************************


  

 


  

 


Log on with the new credentials after creating a new temporary super administrative account in the internal database.


 


Contact information for RSA Customer Support is located at URL http://www.emc.com/support/rsa/contact/index.htm should you require technical assistance with a purchased RSA product.


 

WorkaroundAccess to the RSA Security COnsole is governed by the Password Policy.
Legacy Article IDa64920

Attachments

    Outcomes