How to recover the user id or password of a read only database user from RSA Authentication Manager 8.x
Originally Published: 2019-03-08
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue
- How to recover userid or password of a read-only database user from RSA Authentication Manager 8.x when it is unknown or lost.
- Customer has created a user for read-only access of RSA Authentication Manager database earlier but userid is now unavailable.
- Customer does not remember the password of the read-only database user which was created earlier.
Resolution
Steps:
- Enable Secure Shell on the Appliance following Enable Secure shell on the RSA Authentication Manager appliance.
- Logon to the primary Authentication Manager 8.x server via SSH as the rsaadmin user.
Note that during Quick Setup another username may have been selected. Use that username to login. - Navigate to /opt/rsa/am/utils.
- Run the command: ./rsautil manage-secrets -a listall to list parameters
- When prompted, enter the Operations Console administrator's name and password to list the available read-only database users
login as: rsaadmin Using keyboard-interactive authentication. Password: <enter operating system password> Last login: Mon Jan 9 13:07:55 2017 from jumphost.vcloud.local RSA Authentication Manager Installation Directory: /opt/rsa/am rsaadmin@am8xp:~> cd /opt/rsa/am/utils rsaadmin@am8xp:/opt/rsa/am/utils> ./rsautil manage-secrets -a listall Please enter OC Administrator username: <enter Operations Console administrator name> Please enter OC Administrator password: <enter Operations Console administrator password>
- The output after running the above command successfully prints several values list to the screen.
- Refer to the documented keys listed below for read-only database user information such as user ID, passwords and other properties that are set when the read-only database user is created.
Note: the passwords for the readonly.dbusers.x will be displayed in plain text.
Secrets stored in ./etc/systemfields.properties. com.rsa.am.readonly.dbusers ...........................: readonly.dbusers.1,readonly.dbusers.2 readonly.dbusers.1 ....................................: rdbuser readonly.dbusers.1.password ...........................: support1! readonly.dbusers.1.props ..............................: 192.168.2.175|255.255.255.0 readonly.dbusers.2 ....................................: rouser readonly.dbusers.2.password ...........................: Passwd01... readonly.dbusers.2.props ..............................: 192.168.2.102|255.255.255.255
Related Articles
How to recover failed RSA Authentication Manager 8.x virtual appliance when the filesystem is stuck in read-only mode Number of Views Authentications failing after changing the directory password for the Directory User ID in the Identity Source Configurati… Number of Views How to reset the RSA Authentication Manager 8.x system fingerprint Number of Views How to recover when RSA Authentication Manager 8.x system passwords are not known or are lost Number of Views Read-only file system message for RSA Identity Governance & Lifecycle Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
