000025555 - Unable to authenticate through Radius devices after moving the ACE/Server to a new machine.

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000025555
Applies ToRSA ACE/Server
RADIUS
UNIX (AIX, HP-UX, Solaris)
Microsoft Windows NT 4.0
IssueUnable to authenticate through Radius devices after moving the ACE/Server to a new machine.
User receives "Access denied"
Error: "Access Denied"
Error: "Node verification failed" in ACE/Server logs
CauseThere is no securid file present on the ACE/Server Master.
ResolutionCreate a client definition in the administration tool for the ACE/Server itself. Authenticate via "path"/ace/prog/sdshell on a UNIX ACE/Server or winnt\system32\sdtest.exe on a Windows NT ACE/Server. This will create a securid file in the "path"/ace/prog directory. If the client already exists, clear the "sent node secret" checkbox before authenticating.
WorkaroundMoving a database from one machine to another does not move the securid (node secret) file from "path"/ace/data on the old machine to the new machine. If the IP address or hostname of the server is different from the old machine, the node secret will also change.
Legacy Article IDa234

Attachments

    Outcomes