000015537 - Accessing the RSA Appliance  when the password for rsalocaladmin is not known

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000015537
Applies ToRSA SecurID Appliance
Issue

Accessing the RSA Appliance, when the password for rsalocaladmin is not known
Note: This UNSUPPORTED solution is supplied for customer convenience ONLY, and CANNOT be supported by RSA Security in ANY way. It uses third-party software, equipment, and instructions, over which RSA Security has no control.  While this has received limited lab testing, it has not been validated or qualified by RSA Security, or any other party.

It is possible for this UNSUPPORTED  process to damage both the operational partition, and the factory installed Emergency Restore partition; if this happens, the appliance hardware will become unusable.  It will require shipping the appliance to RSA Security for repair,  which will  NOT be covered by the standard Appliance 1.x or 2.x  support contract.   This UNSUPPORTED solution should only be considered when no other RSA supported alternatives can be used. Anyone using any process or information in this document does so at their own risk, as RSA Security cannot provide ANY additional support or assistance.

Even if this UNSUPPORTED solution  does not cause damage to the appliance, if you need to then perform the Factory Reset as per the owner's guide, the Factory Reset is a destructive operation that eliminates   ALL data from the appliance.


Administrator is locked out of the Appliance
Resolution

A bootable USB drive may be created, and the appliance booted off of this drive. One method that has received limited testing, is to use a 512 MB (or larger) USB drive, and install USB MiniMe 2008 on it.

http://www.pendrivelinux.com/2008/02/13/pendrivelinux-2008-install-from-windows/ 

contains the instructions and links for creating the bootable USB drive that received the limited testing.  RSA Security cannot provide ANY  other support for creating ANY bootable drive, including this one.

 

Once the drive has been created and tested, power the RSA Appliance off, and connect a monitor, USB mouse, and USB keyboard, as per the Emergency Access Procedure in the Appliance Owner's guide.

Note: As of this writing, this method has received limited testing on Scorpio II Appliance hardware (4 network jacks) . It has received NO testing on either the Scorpio X Appliance hardware (2 network jacks) or Scorpio X4 hardware  (6 network jacks).
Plug the bootable USB drive into an available USB  port, and power on the appliance. At the Post Screen, push the DEL key on the keyboard to go into the BIOS setup.   Go to Advanced BIOS features, Hard Disk Boot Priority. Record the settings, and move the entry for your USB drive to the top with the PageUp key. Use F10 to Save and Exit.

Restart the Appliance, it will start your bootable OS. If using MiniMe 2008, start it in Live mode. Use the username and password listed on the startup screen.  Go to My Computer > Storage Media > 34G Media , this contains the OS drive for the appliance.

To get the backup file from an Appliance 2.x, go to c:\authmgr\backups and get BackupCAB1.CAB . Save As: Storage Media (removable media) Save.

Logout, restart computer. On restart, DEL to go to BIOS Setup. Advanced BIOS Features, Hard disk boot Priority. Change the settings to the way they were before.   Shut down the appliance and remove the USB drive. 

NotesRSA Security is not responsible for accuracy, availability, or completeness of any third-party utilities, products, or documentation. All copyrights for all third-party information linked or referenced in this document, directly or indirectly, belong to their respective copyright owners. RSA Security does not provide support for ANY of the products referenced in this document, other than the RSA Appliance, or RSA Authentication Manager.
Legacy Article IDa41736

Attachments

    Outcomes