|Applies To||Authentication Manager 7.1, AM 7.1|
RSA SecurID Appliance 3.0
RSA SecurID Appliance 3.0.4
Role permissions are correct
non superadmin super admin unable to see menus
|Issue||Unable to login to Security Console or Operations Console|
Error when logging into the Security Console is "There was a problem processing your request. Console component registration fail:Unexpected exception during command invocation; nested exception is: com.rsa.common.SystemException: Unexpected exception during command invocation"
Missing tabs in the menu of the Security Console
Only occurs if the user does not have the Super Admin roles assigned
An admin cannot manage tokens, even though it seems like they should be able to do so.
An issue was found that can result in the consoles becoming unregistered from the system. The first admin that logs onto the Security Console after an upgrade MUST be an unrestricted Superadmin, to recreate the proper menus.
1. Verify you can logon to the Security Console with a SuperAdmin account that is in the Internal Database Identity Source, using a Password. It cannot be another kind of admin, or in an external Identity source.
2. Log on as the RSA fileowner to a console session\command prompt. Go to your (RSAHome)\utils directory
(on an appliance, this is:
3. on UNIX/Appliance (not Windows) set environment variables with :
. ./rsaenv (note: this starts with dot-space-dot-slash)
4. type (all on one line, and also with Unix/Appliance, it needs to start with ./ dot-slash):
rsautil manage-console-ext -u <Super admin UserID> --reset --deployurllist https://<SERVER_FQHN>:7004/console-ims,,https://<SERVER_FQHN>:7004/console-am,,https://<SERVER_FQHN>:7004/console-ucm
Where <Super admin UserID> is the admin from step 1, and <SERVER_FQHN> is the fully-qualified hostname of the RSA Server or appliance.
It will ask for a Password, the password to be entered is for the SuperAdmin from Step 1, NOT the Master Password
5. Stop and Restart all RSA services
6. Log onto the Security Console with the Super Admin from step 1 (the first one to login after the restart MUST be an internal superadmin, not a restricted admin, or an admin from an external Identity Source).
Repeat 2-6 on any affected replicas.
|Workaround||System was upgraded to SP4|
|Notes||This issue is noted in the SP4 Release notes here |
Log On to the RSA Security Console as a Super Admin
You must log on to the RSA Security Console as a Super Admin to refresh the updates in the Security Console and the Operations
keywords redeploy redeployurl restricted
Also See Error when logging into Security Console: Console component registration fail: Repeated URL redirect on: URL_console
|Legacy Article ID||a48247|