000022427 - RSA hot fix 26490 - RSA Authentication Agent for Web 5.3 for IIS - memory leak

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022427
Applies ToRSA Authentication Agent 5.3 for Web for IIS
RSA SecurID Appliance
RSA Authentication Agent software
Microsoft Windows
hot fix 26490
memory leak
IssueThis agent cannot reach the RSA Authentication Manager. Please conact your administrator immediately. - this messages appears after a SecurID authentication on the local console or via Remote Desktop Connection (RDP)
Login failed. Make sure you have entered the correct username, domain, and passcode/password. Click the Help button on the log on screen if you need help on getting started and using passcodes.
CauseRSA hot fix 26490 contains an additional hot fix file called 'aceapi.exe' which replaces two files; %systemroot%/system32/aceclnt.dll and %systemroot%/system32/sdmsg.dll with web agent related files which cannot be used with RSA Authentication Agent 6.1 for Windows.
Resolution

To recover from this issue you will need to access the workstation, server or RSA SecurID Appliance with a local administrator user that does not get challenged for SecurID authentication and uses a local Windows password for access.

 

On the RSA SecurID Appliance, the local user name is ?rsaLocalAdmin? and you must use a monitor, keyboard, and mouse physically connected to the appliance hardware for access.

 

NOTE: the person who configured the RSA SecurID Appliance would have set the ?rsaLocalAdmin? password

 

The resolution to this symptom would be to logon to the workstation, server or RSA SecurID Appliance with an administrative account (using a local Windows password) and reverse the changes made to aceclnt.dll and sdmsg.dll.

 

If you are unable to recover the original files then try using this file bundle, as this contains version 6.1 [300] of aceclnt.dll and sdmasg.dll. These files must go into the %systemroot%/system32 (e.g. C:\Windows\system32) directory.

 

Please contact RSA Customer Support if you are unable to logon to the system exhibiting the symptom and we will do best efforts to find a resolution for you.

WorkaroundRSA hot fix 26490 has been applied to a workstation, server or RSA SecurID Appliance where RSA Authentication Agent for Web 5.3 for IIS and RSA Authentication Agent 6.1 for Windows have been installed on the same system.
NotesRSA hot fix 26490 has been superceded with the latest RSA Authentication Agent 5.3 for Web for IIS software build 378 (WebAgent_53_IIS_378_041807.zip).

Please use the latest upgrade kit to update software on RSA SecurID Appliance systems.

** RSA SecurID Appliance Upgrade Kit 2.0.2 is currently the latest upgrade kit available. **

Legacy Article IDa37713

Attachments

    Outcomes