Create list of users who have not logged into RSA Authentication Manager 8.x for a specific period of days
Originally Published: 2016-05-23
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue
Tasks
Procedure
1. In the Operations Console, navigate to Administration > Operating System Access.2. In the SSH Settings section, select the checkbox for each NIC on which you want to enable SSH. If you have multiple NICs configured, you can enable SSH on more than one NIC.
3. Click Save.
Resolution
Following are the command line steps to generate a report for users who have not logged in for a specific number of days to RSA Authentication Manager.
- Launch an SSH client, such as PuTTY.
- Login to the primary Authentication Manager server as rsaadmin and enter the operating system password.
- Navigate to /opt/rsa/am/utils.
login as: rsaadmin
Using keyboard-interactive authentication.
Password: <enter operating system password>
Last login: Wed Oct 16 13:40:28 2019 from jumphost.vcloud.local
RSA Authentication Manager Installation Directory: /opt/rsa/am
rsaadmin@am82p:~> cd /opt/rsa/am/utils
Using keyboard-interactive authentication.
Password: <enter operating system password>
Last login: Wed Oct 16 13:40:28 2019 from jumphost.vcloud.local
RSA Authentication Manager Installation Directory: /opt/rsa/am
rsaadmin@am82p:~> cd /opt/rsa/am/utils
Note that during Quick Setup another user name may have been selected. Use that user name to login.
- Enter the following commands to get the database password:
rsaadmin@am83p:> /opt/rsa/am/utils/rsautil manage-secrets -a get com.rsa.db.dba.password
Please enter OC Administrator username: <enter Operations Console administrator name>
Please enter OC Administrator password: <enter Operations Console administrator password>
com.rsa.db.dba.password: ckg2DBtNZLy80TADWcGqdF0NOJygAQ
Please enter OC Administrator username: <enter Operations Console administrator name>
Please enter OC Administrator password: <enter Operations Console administrator password>
com.rsa.db.dba.password: ckg2DBtNZLy80TADWcGqdF0NOJygAQ
Note that the database password value will be different for each installation of Authentication Manager.
The appropriate method would be to create a read only database user following the steps in Connecting to or querying the database using pgSQL in RSA Authentication Manager 8.x
- Create a text file in /opt/rsa/am/utils with the name UserLastLogin.sql.
rsaadmin@am82p:/opt/rsa/am/utils> touch UserLastLogin.sql
rsaadmin@am82p:/opt/rsa/am/utils> vi UserLastLogin.sql
rsaadmin@am82p:/opt/rsa/am/utils> vi UserLastLogin.sql
- Press i to enter Insert mode.
- Copy the SQL statement below into the text file:
SELECT loginuid,serial_number,last_login_date FROM am_token_oob,am_token, ims_principal_data WHERE am_token_oob.am_token_id=am_token.id AND am_token.principal_id=ims_principal_data.id AND last_login_date>'2016-05-07'
- Save changes by pressing Escape then typing wq! and pressing Enter:
- Use the following command to generate an output file named UserLastLogin.csv using the UserLastLogin.sql script created above:
/opt/rsa/am/pgsql/bin/psql -h localhost -p 7050 -d db -U rsa_dba UserLastLogin.sql -o UserLastLogin.csv
- When prompted, enter the database password obtained from step 4.
- Review the file UserLastLogin.csv. Sample output is shown here:
loginuid | serial_number | last_login_date
-----------------------------------------------------
smithj | 000xxxxxxxx1 | 2016-05-02 20:53:23.734
roer | 000xxxxxxxx2 | 2016-05-06 13:18:56.284
-----------------------------------------------------
smithj | 000xxxxxxxx1 | 2016-05-02 20:53:23.734
roer | 000xxxxxxxx2 | 2016-05-06 13:18:56.284
Notes
If you need further assistance, please contact RSA Support and reference article 000033182.
Related Articles
Authentication Manager 8.5 P5 connection to Cloud Authentication Service gets “permitted only authenticators you have purc… Number of Views How to synchronize user accounts that do not have an email address to the SecurID Access Cloud Authentication Service Number of Views When signing a SHA256 CA off a SHA1 Root CA it does not have a SHA256 signature algorithm in RCM Number of Views Connecting to or querying the database using pgSQL in RSA Authentication Manager 8.x Number of Views Cloning AFX connectors creates duplicate connectors if connector names have been modified in RSA Identity Governance & Lif… Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third … RSA Authentication Manager 8.9 Release Notes (January 2026)
Don't see what you're looking for?
