000036496 - RSA Authentication Agent API 8.5 does not honor the preferences defined in sdopts.rec

Document created by RSA Customer Support Employee on Jul 13, 2018
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000036496
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Agent API 8.5 for C.
RSA Version/Condition: 8.5

  • A customer's custom agent is built using RSA Authentication Agent API 8.5.
  • The file sdopts.rec contains two USESERVER parameters where the IP addresses are replica instances (local)
  • Authentication works
  • Using acestatus returns a list of authentication manager instances.
  • Defined preferred servers in sdopts.rec where one replica instance is located in the US (local) and the second replica instance is located in remote site. 
  • If the request goes to remote Authentication Manager server, the authentication fails and the acestatus fails to return a list of Authentication Manager instances and shows the error message:

Error cannot reach ACE/Server

  • The real-time authentication activity monitor does not report any authentication requests.
CauseIt appears that the Authentication API 8.5 for C does not honor the preferred server settings defined in sdopts.rec when the servers are in remote location(s).
ResolutionThis issue has been reported in the defect AAC-793 and AAC-799 and resolved in 8.5.1 build 112. A hot fix is available to resolve this issue. Contact customer support to obtain the hot fix.