000012378 - Unable to log in to the RSA Authentication Manager 7.1 Operations Console

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000012378
Applies ToRSA Product Set:  SecurID
RSA Product/Service Type:  Authentication Manager
RSA Version/Condition:  7.1, 3.0
IssueOperations Console administrators cannot login to the Authentication Manager 7.1 Operations Console.
Cause
  • The password for a Security Console administrator may have been changed, possibly after it expired.  This password change for the Security Console admin does not change the Operations Console password, even if the username happens to be the same. The Security Console and Operations Console use different databases for administrative users.   
  • The Operations Console password may have expired.
  • The machine fingerprint changed.
Resolution
  • You must have a valid Security Console super admin username and password, to use the following utility that will manage Operations Console administrators.
  • The super admin account must be in the internal database, not in an external identity source, such as LDAP or SunOne.
  • This account and password must not be expired. 
  • Verify this user can log onto the Security Console before performing the next steps.

See "Using the Manage Operations Console Administrators Utility" on page 310 in the RSA Authentication Manager 7.1 Administrator's Guide.
Note:  If Authentication Manager 7.1 is installed on a Unix server or these commands are run on the RSA SecurID Appliance 3.0, prepend ./ to the commands below.


To create a new Operations Console administrator


To create a new Operations Console admin, run the following command.  


rsautil manage-oc-administrators --action create -u <new_Operations_Console_admin_username> -p <new_Operations_Console_admin_password>

You will be prompted for a super admin user name and password as part of running this command.


To create a new password for an existing Operations Console administrator


To provide a new password for an Operations Console administrator, type: 


rsautil manage-oc-administrators --action update <existing_Operations_Console_admin_username> <new_Operations_Console_admin_password>
rsautil manage-oc-administrators --action reload

To restore the machine fingerprint


Run the following command,


rsautil manage-secrets -a recover
Legacy Article IDa44364

Attachments

    Outcomes