000032581 - Error Syncing Radius in RSA Authentication Manager 8.1

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000032581
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: SecurID Appliance
RSA Version/Condition: 8.1.0
Platform: EMC CAP
Platform (Other): VMWare
O/S Version: Suse Linux
 
Issue
  • Unable to Sync Radius "Initiate Replication" for Radius fails
  • Unable to edit a certain Radius Client
  • Error: Could not connect to RADIUS server. Contact customer support when Edit and Save RADIUS Client
  • Error in System monitor:  

  • Date & Time: <Date> 
    Log Level: ERROR
    Description: Administrator “SYSTEM” attempted to execute command “com.rsa.authmgr.admin.radius.UpdateRadiusClientCommand”
    Activity Result Key: Failure
    Result: Unexcepted exception caught
    Administrator User ID: SYSTEM
    Administrator First Name: N/A
    Administrator Last Name: N/A
    Administrator Security Domain: N/A
    Administrator Identity Source Name: N/A
    Activity Key: Execute command
    Activity Result Key: Failure
    Instance Name: <Hostname>
    Client IP: N/A
    Server Node IP: <IP>
    Component Key: system.com.rsa.command.CommandServerEngine
    Argument 1: com.rsa.authmgr.admin.radius.UpdateRadiusClientCommand
    Argument 2: N/A
    Argument 3: N/A
    Argument 4: N/A
    Argument 5: N/A
    Argument 6: N/A
    Exception: com.rsa.authmgr.radius.exception.RadiusSystemException: \nInvalid HTTP Status code -403\nReason : Error\n Status Line:HTTP/1.1 403 Error, at com.rsa.authmgr.internal.radius.sbr.xui.impl.XUIAccessImpl.processHttpStatusCode(XUIAccessImpl.java:544), at com.rsa.authmgr.internal.radius.sbr.xui.impl.XUIAccessImpl.create(XUIAccessImpl.java:142), at com.rsa.authmgr.internal.radius.sbr.xui.impl.XUIAccessImpl.create(XUIAccessImpl.java:125), at com.rsa.authmgr.internal.admin.radius.impl.RadiusClientAdministrationImpl.createRadiusClientToSBRInTranscation(RadiusClientAdministrationImpl.java:632), at com.rsa.authmgr.internal.admin.radius.impl.RadiusClientAdministrationImpl.access$2(RadiusClientAdministrationImpl.java:620), at com.rsa.authmgr.internal.admin.radius.impl.RadiusClientAdministrationImpl$1.doInTransaction(RadiusClientAdministrationImpl.java:452), at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:130), at com.rsa.authmgr.internal.admin.radius.impl.RadiusClientAdministrationImpl.createRadiusClient(RadiusClientAdministrationImpl.java:420), at com.rsa.authmgr.internal.admin.radius.impl.RadiusClientAdministrationImpl.updateRadiusClient(RadiusClientAdministrationImpl.java:1452), at com.rsa.authmgr.admin.radius.UpdateRadiusClientCommand$Executive.execute(UpdateRadiusClientCommand.java:300), at com.rsa.authmgr.admin.radius.UpdateRadiusClientCommand.performExecute(UpdateRadiusClientCommand.java:164), at com.rsa.command.LocalTarget.executeCommand(LocalTarget.java:121), at com.rsa.ims.command.LocalTransactionalCommandTarget.access$0(LocalTransactionalCommandTarget.java:1), at com.rsa.ims.command.LocalTransactionalCommandTarget$2.doInTransaction(LocalTransactionalCommandTarget.java:268), at com.rsa.ims.command.LocalTransactionalCommandTarget$2.doInTransaction(LocalTransactionalCommandTarget.java:1), at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:130), at com.rsa.ims.command.LocalTransactionalCommandTarget.executeCommand(LocalTransactionalCommandTarget.java:260), at com.rsa.command.CommandServerEngine$CommandExecutor.run(CommandServerEngine.java:1), at com.rsa.ims.security.spi.SimpleSecurityContextImpl.doAs(SimpleSecurityContextImpl.java:113), at com.rsa.command.CommandServerEngine.executeCommand(CommandServerEngine.java:445), at com.rsa.command.CommandServerBean.executeCommand(CommandServerBean.java:89), at com.rsa.command.CommandServerEjb30_vraifm_CommandServerEjb30Impl.executeCommand(Unknown Source), at com.rsa.command.CommandServerEjb30_vraifm_CommandServerEjb30Impl_WLSkel.invoke(Unknown Source), at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:694), at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:232), at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118), at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256), at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
    Instance GUID: 1bcae4626202a8c008016d23391de2ae
    Session ID: N/A


     
Cause
  • Could not edit RADIUS client "x" because its name had space at beginning or end of the Radius client name
  • AM sent request to SBR RADIUS to edit the client (without space), SBR could not find this match with "xxx%20" (with space) so did not respond and the request timed out
Resolution
  • The Radius Client name under Security Console > Radius > Radius Clients > Manage Existing 
  • The Radius Client needs to be deleted and recreated as the Radius client name can't be edited
NotesThis issue was fixed in AM 8.1 SP1 P1
 

Attachments

    Outcomes