000015199 - AM 7.1- Operations Console user password change not replicating to the Replica instance

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000015199
Applies ToAuthentication Manager 7.1.4 on all supported platforms
Appliance 3.0
Operations Console Password
IssueWhen the operations Console password password is changed/updated on the primary, the change doesnt replicate to the Replica instance(s)

When the rsautil manage-oc-administrators -a reload command is run on the replica, the following error is received:

?Error: Command target (CacheableCommandTargetBasicAuth) initialization failure
        com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad byte.?

Logging in to the Replica Operations Console fails with the new and the old passwords
CauseAdministrator changed all the Passwords on the primary (The Master Password, Operations Console Password & the Super Admin password) prior to first updating the master password on the replica(s). It is required that Master password must be same on Primary and all Replica servers prior to changing the Operations Console admin password.

On the replica server, change the Master Password to match the Primary. From the command line cd to the RSA_HOME/utils directory  (RSA_HOME is the home directory of Authentication Manager. On windows its "C:\Program Files\RSA Security\RSA Authentication Manager" On the Appliance 3.0 the defaul RSA Home directory is "/usr/local/RSASecurity/RSAAuthenticationManager"

To change the master password, run the following command: rsautil manage-secrets -a change   (Hit Enter and then supply the current Master password followed by the new one to be set)

The systemfields.properties file needs to be updated on the replica with a copy from the Primary instance. Get a copy of the "systemfields.properties" file from the Primary RSA_HOME/utils/etc directory and place it in the RSA_HOME/utils/etc directory of the replica instance. (NOTE: Make a backup copy of the "systemfields.properties" file on the replica prior to replacing it with the copy from the primary)

Restart all RSA Authentication Manager services on the Replica.

Legacy Article IDa56538