000015728 - APP3.0- unable to login to operations console on a replica instance after the operations console password was changed on a Primary

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000015728
Applies ToSecurID Appliance 3.0
Replication is working fine
the operations console password was changed on the primary instance
IssueAPP3.0- unable to login to operations console on a replica instance after the operations console password was changed on a Primary instance
Unable to login to the operations console on an appliance replica instance after the operations console password has been changed with rsautil on the primary instance.
Error: com.rsa.ims.security.keymanager.sys.FieldException: Failed to decrypt field com.rsa.db.user
unable to change operations console password
unable to list operations console admins
Resolution

Note: you must know the master, emcsrv rsaadmin passwords to complete this process.

On the replica instance, do the following:

1) ssh to the appliance as emcsrv, then sudo su - rsaadmin

2) cd /usr/local/RSASecurity/RSAAuthenticationManager/utils/etc

3) mv ocusermanager.properties ocusermanager.bak

(is is OK if this file does not exist in the first place, the idea is that there should be no file of that name)

4) cd /usr/local/RSASecurity/RSAAuthenticationManager/utils

5) run ./rsautil manage-oc-administrators -a reload

Enter the superadmin (security console) username and password as prompted

This will reload the operations console manager from db and allow the new password to be used on the replica instance.

You should now be able to login to the operations console.

Legacy Article IDa49410

Attachments

    Outcomes