000016218 - AM 7.1.x- Radius Configuration fails with a System Error on a Windows Environment

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000016218
Applies ToAuthentication Manager 7.1.x (SP2, SP3, SP4) on all supported platforms
Radius Server
Windows 2003
Windows 2008
IssueConfigure Authentication Manager 7.1.x Radius Server
Authentication Manager 7.1.x Radius Configuration fails with a System Error.

The ConfigureRadiusTrace.log found in the RSA_HOME\install\logs\config directory generates the following exception:

ConfigureRadiusTrace.log shows:
14:20:01.471 INFO - Executing Command (radius)(server): startRadiusServiceInit: Starting RADIUS Service Running
14:20:01.472 INFO - Command Input Properties (startRadiusServiceInit): {adminUsername=$I(rsa.radius.os.admin.username), radiusPort=$N(rsa.radius.xui.port), radiusHostname=$I(rsa.install.fqhn), serviceName=$N(rsa.radius.service.name), serviceAction=start, adminPassword=$R(rsa.radius.os.admin.password), installLocation=$I(rsa.radius.install.location), scriptName=$N(rsa.radius.script.name)}
com.rsa.installfwrk.config.exception.ConfigurationException: Failed configuration command execution
at com.rsa.installfwrk.config.ConfigEngine.execute(ConfigEngine.java:223)
at com.rsa.installfwrk.config.ConfigUtil.runConfig(ConfigUtil.java:53)
at com.rsa.installfwrk.config.ConfigUtil.main(ConfigUtil.java:35)
Caused by: com.rsa.installfwrk.common.command.exception.CommandException: Unable to connect to RADIUS Server :RADIUS server does not responds within the timeout
at com.rsa.installfwrk.thirdparty.radius.config.command.ControlRadiusServiceCmd.waitForXUIConnect(ControlRadiusServiceCmd.java:140)
at com.rsa.installfwrk.thirdparty.radius.config.command.ControlRadiusServiceCmd.startService(ControlRadiusServiceCmd.java:89)
at com.rsa.installfwrk.thirdparty.radius.config.command.ControlRadiusServiceCmd.dispatchControlAction(ControlRadiusServiceCmd.java:50)
at com.rsa.installfwrk.thirdparty.radius.config.command.ControlRadiusServiceCmd.execute(ControlRadiusServiceCmd.java:44)
at com.rsa.installfwrk.config.ConfigEngine.execute(ConfigEngine.java:185)
... 2 more
Caused by: com.rsa.authmgr.radius.exception.RadiusSystemException: RADIUS server does not responds within the timeout
at com.rsa.authmgr.internal.radius.sbr.xui.impl.XUIAccessImpl.verifyXUIConnection(XUIAccessImpl.java:345)
at com.rsa.authmgr.internal.radius.xui.XUIConnectionHandler.verifyXUIConnection(XUIConnectionHandler.java:59)
at com.rsa.authmgr.internal.radius.xui.XUIConnectionHandler.getXUIConnection(XUIConnectionHandler.java:45)
at com.rsa.installfwrk.thirdparty.radius.config.command.ControlRadiusServiceCmd.waitForXUIConnect(ControlRadiusServiceCmd.java:125)
... 6 more
Caused by: java.lang.RuntimeException: Could not create SSL Socket
at com.rsa.authmgr.internal.radius.sbr.xui.ssl.XUISSLSocketFactory.initSSLSocket(XUISSLSocketFactory.java:84)
at com.rsa.authmgr.internal.radius.sbr.xui.ssl.XUISSLSocketFactory.createSocket(XUISSLSocketFactory.java:57)
at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:706)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:386)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324)
at com.rsa.authmgr.internal.radius.sbr.xui.impl.XUIAccessImpl.verifyXUIConnection(XUIAccessImpl.java:325)
... 9 more

CauseThis can be caused from a few things:

1. The Radius OS Admin Account is Locked or disabled.
2. The Radius OS Admin Account password is set to "User must change password at next logon".
3. The Radius OS Admin Account password is changed.
Resolution

To correct the issue, follow these steps:

1. Verify that the Radius OS Admin account is not locked or disabled in the Operating system under user management. The account will have a random UserID that starts with "Radius" For example: "RadiusBNTR79ZO"
2. Set the Radius OS Admin account Password to "User cannot change password" and "Password never expires"
3. If the Radius OS Admin account password was changed accidently, please contact RSA Customer Support for further assistance.

Notes

The Radius OS Admin account is randomly created during the installation of RSA Authentication Manager 7.1.x. The password is randomly set during the installation process and should never be changed.

Legacy Article IDa57973

Attachments

    Outcomes