000036398 - RSA Authentication Manager replica instance fails to attach to the Authentication Manager deployment

Document created by RSA Customer Support Employee on Jun 24, 2018
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000036398
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.2 or later
IssueAn RSA Authentication Manager replica instance was being deployed and attached to an existing Authentication Manager deployment and failed during the attach stage. 
CauseDuring the attach failure, a zip file called appliance_setuplogs.zip gets generated and this revealed an error that indicates the administrator is adding a replica instance to an Authentication Manager deployment where the replica instance limit has been reached in the license.  For example, the error below shows the attempted attachment of a replica named am8r01.rsa.local:

@@@2018-05-17 03:28:01,467 ERROR [ReplicaAttach] GUILog.traceThrowable(637) | error: 
com.rsa.authmgr.internal.replication.TransportClientUnexpectedStatusException: Expected the HTTP response code 200, but got: 500 Message: java.lang.RuntimeException:
The am8r01.rsa.local replica with the 64ee250f98041fac36100c4dbdd531ca instance ID was not able to attach. This replica exceeds the number of instances allowed by the license.
      at com.rsa.authmgr.internal.replication.TransportClientBase.executeMethodExpectOK(TransportClientBase.java:170)

ResolutionAn administrator can perform the following steps to check and clean up an Authentication Manager deployment of unwanted replica instances:
  1. From the Security Console, view the installed licenses and checkto see  if you have a Base or Enterprise license.

  • A Base license allows for one replica instance in the Authentication Manager deployment.
  • An Enterprise license allows for up to fifteen replica instances.

  1. Check the number of replica instances in the Authentication Manager deployment
    1. Check Replication Status of the replicas in the deployment.
    2. Count the number of replica instances or, where there are none, an administrator will get the following warning: 

There are no replica instances configured for this deployment.

  1. From the Security Console navigate to RADIUS > RADIUS Servers.

    1. Check the number of RSA RADIUS Servers that have a type of Replica.
  2. Delete any unwanted Authentication Manager replica instances from the deployment where found using the procedure on how to delete a replica instance.
  3. Deploy a new Authentication Manager replica instance. Depending on the version of the deployment, use one of the following guides:
NotesShould you still experience an issue deploying and attaching an Authentication Manager replica instance to the Authentication Manager deployment then please contact RSA Customer Support and open a technical support case. Please have your license serial number ready, to speed up the process of opening a case.