Getting the RSA backup files from the RSA Authentication Manager 8.x primary instance
3 years ago
Originally Published: 2017-11-30
Article Number
000055767
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.2
Issue
Where customers are having an issue sending Authentication Manager backups to a Windows Shared Folder or NFS (Network File System) shared directory they can temporarily use the local Authentication Manager server backup location of /opt/rsa/am/backup  and use a secure FTP client to copy the *.RSAbackup file(s) to a new safe, secure location.

A typical issue would be where SMBv1 has been disabled for the Windows Shared Folder as described in RSA knowledge article 000035313 - RSA Authentication Manager 8.x backups fail to a Windows Share where SMBv1 is disabled.
Resolution
Where the backup location is the  local Authentication Manager server (that is /opt/rsa/am/backup) and secure shell (SSH) has been enabled, an administrator can use a secure FTP client to copy the *.RSAbackup files from the Authentication Manager primary instance and store them somewhere else in another secure location.

This article will describe as an example the use of psftp.exe that is part of the PuTTY utility set to obtain the Authentication Manager backup files from backup location /opt/rsa/am/backup.
  1. On a Windows platform create a new Windows folder called RSAbackup.
  2. Download and copy psftp.exe into the new Windows folder created above.
  3. Create a CMD script file called ftp.cmd and copy the following lines into the script, substituting your data accordingly and save the script.
@echo off
<absolute_path>\psftp.exe rsaadmin@n.n.n.n -pw <password> -P 22 -b getbackup.scr
pause

IMPORTANT : Substitute <absolute_path> with the absolute path to psftp.exe, substitute n.n.n.n with the IP address of the authentication manager primary instance and substitute <password> with the password for the rsaadmin account.

For example:
@echo off
C:\RSAbackup\psftp.exe rsaadmin@192.168.100.100 -pw he1fg32!&dz -P 22 -b getbackup.scr
pause
  1. Create a text document leaving the default name of New Text Document.txt 
  2. Open the New Text Document.txt and add the following lines before saving the file. efcefc
cd /opt/rsa/am/backup
mget -r *RSAbackup
  1. Rename New Text Document.txt to getbackup.scr.
  2. Contents of the RSAbackup Windows folder is psftp.exe, ftp.cmd and getbackup.scr.
  3. Test the ftp.cmd CMD script.

NOTE: Where yyyymmddhhmm.RSAbackup files exist in the /opt/rsa/am/backup folder, then RSAbackup files will get copied into the local folder where the psftp.exe, ftp.cmd and getbackup.scr are located.

Notes
The ftp.cmd script would need to modified so it can scheduled to run with the Windows scheduler.

To change:
  1. Open ftp.cmd.
  2. Remove the pause line and save the change.

Refer to the Microsoft article for how to Schedule a Task

.
Don't see what you're looking for?