|Applies To||RSA Product Set: SecurID|
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.1.0 Patch 8
O/S Version: Suse Linux
|Issue||After updating or upgrading to Authentication Manager SP1 Patch 8 (or P9 and P10) Administrators will no longer be able to approve Self-Service Token Requests, this will fail with "There was a problem processing the request, unexpected error during command and email@example.com token request check command execution"|
previously this worked before applying AM 8.1 SP1 P8, P9 or P10.
This bug was caused by Jira Request for Enhancement, RFE AM-29185 - AM 8.1 SSC login Request Token does not distinguish enrollment as AM 7.1 did.
This KB contains the work-around from January 6th, 2016. This problem should be fixed in later patches.
|Resolution||You will need to obtain/download two files from our Customer Support or from our SFTP server then ‘install’ them. Here’s the Link for the two files that was working on 1/6/16:|
Once you have the war_files.zip downloaded, you’ll have to unzip and WinSCP copy to your AM Primary and replicas, them please follow these steps to deploy:
- Before you begin please copy the original files from the server and store them in a safe location that is NOT on the server. Since AM is an appliance it is important the folder structure and content of the server to stay intact. Creating new files/folders anywhere on the server is not allowed and can cause issues that are hard to figure/resolve. This KB assumes your are running with AM 8.1 SP1 P10, and the two files in the war_files.zip are:
Then WinSCP copy these two .war files to your AM Servers.
|Workaround||Rolling back to P7 or earlier will fix this, but if you cannot roll-back patches, use this work-around. This example assumes P10 was installed, so directory is 184.108.40.206.0 and file has 220.127.116.11.0 as part of name.|
1. Copy the two files to their respective locations on the server:
2. Run the following commands to redeploy:
Stop AM services
Then delete the following files:
rm -rf /opt/rsa/am/server/servers/AdminServer/tmp/
Then restart AM services