000011673 - AM 7.1- Configuration of Primary Radius server fails with 'com.rsa.authmgr.radius.exception.RadiusSystemException: Failed to enable replication'

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000011673
Applies ToAuthentication Manager 7.1 on all supported Platforms
Appliance 3.0
Radius Configuration
Issue

After promoting a replica instance to be a primary, a user deletes the Radius servers without following the Radius promotion process and then tries to configure Radius on the promoted primary. The Radius Configuration fails with the following exception in the configureRadiusTrace.log:

23 Aug 19:49:49.763 ERROR - Failed configuration command execution
com.rsa.installfwrk.config.exception.ConfigurationException: Failed configuration command execution
at com.rsa.installfwrk.config.ConfigEngine.execute(ConfigEngine.java:223)
at com.rsa.installfwrk.config.ConfigUtil.runConfig(ConfigUtil.java:53)
at com.rsa.installfwrk.config.ConfigUtil.main(ConfigUtil.java:35)
Caused by: com.rsa.installfwrk.common.command.exception.CommandException: Error Running RADIUS Registration Command
at com.rsa.installfwrk.thirdparty.radius.config.command.RegisterRadiusServerCmd.executeRemoteCommands(RegisterRadiusServerCmd.java:35)
at com.rsa.installfwrk.common.command.RemoteCommandBase.execute(RemoteCommandBase.java:49)
at com.rsa.installfwrk.config.ConfigEngine.execute(ConfigEngine.java:185)
... 2 more
Caused by: com.rsa.authmgr.radius.exception.RadiusSystemException: Failed to enable replication :Unable to load RADIUS Replication Server
at com.rsa.authmgr.internal.admin.radius.impl.RegisterRadiusServerAdministrationImpl.enableRADIUSServerReplication(RegisterRadiusServerAdministrationImpl.java:332)
at com.rsa.authmgr.internal.admin.radius.impl.RegisterRadiusServerAdministrationImpl.registerRadiusServer(RegisterRadiusServerAdministrationImpl.java:190)
at com.rsa.authmgr.admin.radius.RegisterRadiusServerCommand$Executive.execute(RegisterRadiusServerCommand.java:207)
at com.rsa.authmgr.admin.radius.RegisterRadiusServerCommand.performExecute(RegisterRadiusServerCommand.java:106)
at com.rsa.command.LocalTarget.executeCommand(LocalTarget.java:107)
at com.rsa.ims.command.LocalTransactionalCommandTarget.access$201(LocalTransactionalCommandTarget.java:62)
at com.rsa.ims.command.LocalTransactionalCommandTarget$1.doInTransaction(LocalTransactionalCommandTarget.java:257)
at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:127)
at com.rsa.ims.command.LocalTransactionalCommandTarget.executeCommand(LocalTransactionalCommandTarget.java:249)
at com.rsa.command.CommandServerEngine$CommandExecutor.run(CommandServerEngine.java:570)
at com.rsa.command.CommandServerEngine$CommandExecutor.run(CommandServerEngine.java:546)
at com.rsa.ims.security.spi.SimpleSecurityContextImpl.doAs(SimpleSecurityContextImpl.java:114)
at com.rsa.security.SecurityContext.doAs(SecurityContext.java:429)
at com.rsa.command.CommandServerEngine.execute(CommandServerEngine.java:310)
at com.rsa.command.CommandServerEngine.executeCommand(CommandServerEngine.java:250)
at com.rsa.command.CommandServerEngine.executeCommand(CommandServerEngine.java:164)
at com.rsa.command.CommandServerBean.executeCommand(CommandServerBean.java:205)
at com.rsa.command.CommandServerBean.executeFrameworkManagedTx(CommandServerBean.java:167)
at com.rsa.command.CommandServer_qt4u4w_EOImpl.executeFrameworkManagedTx(CommandServer_qt4u4w_EOImpl.java:62)
at com.rsa.command.CommandServer_qt4u4w_EOImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:224)
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:479)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:475)
at weblogic.rmi.internal.BasicServerRef.access$300(BasicServerRef.java:59)
at weblogic.rmi.internal.BasicServerRef$BasicExecuteRequest.run(BasicServerRef.java:1016)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:200)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:172)
caused by: com.rsa.authmgr.internal.admin.radius.impl.exception.ReplicaAccessException: Unable to load RADIUS Replication Server
at com.rsa.authmgr.internal.admin.radius.impl.RadiusServerAdministrationImpl.createReplicaAccessException(RadiusServerAdministrationImpl.java:573)
at com.rsa.authmgr.internal.admin.radius.impl.RadiusServerAdministrationImpl.lookupReplicaServer(RadiusServerAdministrationImpl.java:550)
at com.rsa.authmgr.internal.admin.radius.impl.RegisterRadiusServerAdministrationImpl.enableRADIUSServerReplication(RegisterRadiusServerAdministrationImpl.java:312)
... 29 more
Caused by: com.rsa.authmgr.radius.exception.RadiusSystemException: Unable to read RADIUS object -vm-pbg-rsa2.schaumann.local
at com.rsa.authmgr.internal.radius.sbr.xui.impl.XUIAccessImpl.read(XUIAccessImpl.java:278)
at com.rsa.authmgr.internal.admin.radius.impl.RadiusServerAdministrationImpl.lookupReplicaServer(RadiusServerAdministrationImpl.java:547)
... 30 more

Resolution

To resolve the issue, take the following steps.

a) On a Windows Environment
 
- Stop the RSA Authentication Manager Radius Service
- Open a command prompt and cd to the RSA_HOME\radius\service directory  (By default RSA_HOME is c:\Program Files\RSA Security)
- Run the following command:

  sbrsetuptool.exe -identity PRIMARY (Enter)

- Start the RSA Authentication Manager Radius Service
- Logon to the Operations Console/Deployment Configuration/Radius/Configure Server and Configure the Radius server.


b) On Appliance 3.0

- Logon via SSh and "emcsrv" and run the following commands:

sudo su        (Hit Enter)
su rsaadmin (Hit Enter)
cd /usr/local/RSASecurity/RSAAuthenticationManager/server (Hit Enter)
./rsaam stop radius    (Hit Enter)
cd ../radius    (Hit Enter)
./sbrsetuptool -identity PRIMARY (Hit Enter)
cd ../server    (Hit Enter)
./rsaam start radius   (Hit Enter)

- Logon to the operations Console/Deployment Configuration/Radius/Configure Server and configure the Radius server



Legacy Article IDa55724

Attachments

    Outcomes