|Applies To||Authentication Manager 7.1 SP2|
2003 Server SP2
Replication fails frequently. Replication status in Operation console displays "server unreachable" and "Needs action"
Error: "Server unreachable" in replication status
|Issue||Vmware support for RSA Authentication Manager 7.1|
Anything that affects the ability to write to the file system can cause replication or the database to fail.
RSA Authentication Manager 7.1.0 and 7.1.1 without the Oracle 10.2.0.4 database patch were never supported under any form of virtualization. Primary support for these versions expired in 2011, regardless of virtualization or database patch level.
Supported Virtualization Platforms: RSA Authentication Manager 7.1.SP2 SP3 and SP4 is supported on VMWare ESX 3.5 and 4.0 (full-version) with some limitations. The full-kit (not upgrade) version of AM7.1 SP4 for Win2008-R2-64 and RHEL-5-64 adds VMWare ESX 4.1 and ESXi 4.1 as supported platforms. Support for additional versions of VMWare ESXi is expected for the future, please see the knowledge base website for the updated platform list. No other virtualization platforms are supported at this time.
These features disrupt with write access to embedded oracle control files. This can cause all processes related to replication to fail completely, and potentially corrupt the database. RSA recommends that customers use the features built in to RSA Authentication Manager 7.1 for these types of services. It is recommended that RSA Authentication Manager backup should be done from RSA operations console.
No other virtualization platforms are supported at this time.
The following VMWare ESX features are supported in SP2 - SP4, when used as per the Installation Guide:
? Physical to virtual conversion
? Virtual to physical migration
Note:The release notes for SP4 have a typo. It should read 4.0 and 3.5. There is no 4.5 version at this time.
Disable VMotion, DRS, HA , Consolidated Backup, and Legato Filesystem Sync Driver on all RSA servers prior to installation.
A securcare note was sent on May 15, 2009 which describes the vmware support for RSA Authentication Manager 7.1. The below securcare note can be accessed at below link. https://knowledge.rsasecurity.com/scolcms/set.aspx?id=8421
Please refer to page 152 in Installation guide for 7.1.SP2 at https://knowledge.rsasecurity.com/docs/rsa_securid/rsa_auth_mgr/71sp2/auth_manager_installation_guide.pdf
Any software that can lock Oracle files can cause database corruption. This includes AntiVirus, Backup, and System Management software. If these are used, they should be configured to never touch any Authentication Manager files while the services are running.
Pre-Installation VMWare memory settings
In order for the embedded Oracle database in RSA Authentication Manager to work properly on VMWare, the memory requirements are different than for a Physical machine. The following minimum memory settings are required for VMWare, and should be set before installation.
Allocated memory should be set to a minimum of 4G for a 32-bit OS and 8G for a 64-bit OS.
Reserved memory should be set to a minimum of 4G for a 32-bit OS and 8G for a 64-bit OS.
Allocated memory and reserved memory should be set to the same value.
The VMWare virtual machine memory control driver (sometimes called the Balloon memory driver) needs to be disabled in VMWare,
see AM-20536 in the SP4 release notes.
If these specifications are not followed, database errors may cause failures.
RSA Security released 2 new installers for AM7.1 for 2 additional platforms in June 2011. These install AM7.1 with SP4, and are for Win2008-R2-64 and RHEL5.5-64 . Since they install in a 64-bit environment, if installing on a virtualized environment, use the memory settings for a 64-bit OS (at least 8GB allocated, at least 8GB reserved, and they need to match)
Pre-installation Disk Space settings: The swap space should be set to at least 4095MB, and if your OS will allow it, to 2x the amount of RAM. The minimum free disk space before installation of AM7.1 is 60GB if the system will be a standalone Primary. If a Replica will be used, or may be in the future, 160GB+ of free disk space before installation of AM7.1 is preferred. If you cannot allocate this much free disk space, please see the Admin Guide topics:
See Changing the Limit for Oracle Database Archive Logs Refer RSA Authentication Manager 7.1 SP2 Administrator guide page 367
See Manage Database Utility Refer to RSA Authentication Manager 7.1 SP3 Administrator guide page 265
See Manage Database Utility Refer to RSA Authentication Manager 7.1 SP4 Administrator guide page 305 for the Primary and Freeing Disk Space Allocated for Logging on a Replica Instance Refer to RSA Authentication Manager 7.1 SP4 Administrator guide page 405
RSA recommends that you allocate 75% of your free space for replication.
If installing on Windows, the installer looks for a hard-coded location of c:\temp to place certain files during installation, make sure it exists and is open to all.
You must link the both the VMWare host and the guest OS to the same known-good NTP Server before installation of AM7.1. If there are any Replicas in the environment (virtual or physical) they must also be linked to the NTP Server, or an NTP server traceable to the same one.
|Legacy Article ID||a49362|