|Applies To||RSA Product Set: RSA Identity Governance & Lifecycle|
RSA Version/Condition: 7.0.2 P02+
|Issue||Starting in RSA Identity Governance & Lifecycle 7.0.2 P02, the AveksaAdmin Account password is hashed and encrypted in a format that is unique to each installation.|
When importing data containing this password after performing a new installation or upgrade, RSA Identity Governance & Lifecycle creates a marker KEK file, called Xmk.key, which links the hashed and encrypted AveksaAdmin password to a specific deployment. After the Xmk.key file is created, RSA Identity Governance & Lifecycle handles subsequent attempts to import the AveksaAdmin password in the older format, or attempts to manually edit the AveksaAdmin password in the database, as potential tampering.
Restoring the AveksaAdmin password may be required in the following circumstances:
Super Admin account access denied.
Super admin password tampering has been detected. Password recovery steps must be taken before login to the Super Admin account is allowed, please consult documentation.
Possible Super Admin account password tampering detected, access denied.
|Resolution||For remediation of this issue, please call RSA Customer Support and refer to this article.|