How to recover the user id or password of a read only database user from RSA Authentication Manager 8.x
Originally Published: 2019-03-08
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue
- How to recover userid or password of a read-only database user from RSA Authentication Manager 8.x when it is unknown or lost.
- Customer has created a user for read-only access of RSA Authentication Manager database earlier but userid is now unavailable.
- Customer does not remember the password of the read-only database user which was created earlier.
Resolution
Steps:
- Enable Secure Shell on the Appliance following Enable Secure shell on the RSA Authentication Manager appliance.
- Logon to the primary Authentication Manager 8.x server via SSH as the rsaadmin user.
Note that during Quick Setup another username may have been selected. Use that username to login. - Navigate to /opt/rsa/am/utils.
- Run the command: ./rsautil manage-secrets -a listall to list parameters
- When prompted, enter the Operations Console administrator's name and password to list the available read-only database users
login as: rsaadmin Using keyboard-interactive authentication. Password: <enter operating system password> Last login: Mon Jan 9 13:07:55 2017 from jumphost.vcloud.local RSA Authentication Manager Installation Directory: /opt/rsa/am rsaadmin@am8xp:~> cd /opt/rsa/am/utils rsaadmin@am8xp:/opt/rsa/am/utils> ./rsautil manage-secrets -a listall Please enter OC Administrator username: <enter Operations Console administrator name> Please enter OC Administrator password: <enter Operations Console administrator password>
- The output after running the above command successfully prints several values list to the screen.
- Refer to the documented keys listed below for read-only database user information such as user ID, passwords and other properties that are set when the read-only database user is created.
Note: the passwords for the readonly.dbusers.x will be displayed in plain text.
Secrets stored in ./etc/systemfields.properties. com.rsa.am.readonly.dbusers ...........................: readonly.dbusers.1,readonly.dbusers.2 readonly.dbusers.1 ....................................: rdbuser readonly.dbusers.1.password ...........................: support1! readonly.dbusers.1.props ..............................: 192.168.2.175|255.255.255.0 readonly.dbusers.2 ....................................: rouser readonly.dbusers.2.password ...........................: Passwd01... readonly.dbusers.2.props ..............................: 192.168.2.102|255.255.255.255
Related Articles
How to recover failed RSA Authentication Manager 8.x virtual appliance when the filesystem is stuck in read-only mode Number of Views AM 8.1: Cannot add or manage a user with user ID <UserID>. User IDs must be unique within a deployment. This user ID is al… Number of Views Add Trusted Users to a Trusted User Group Number of Views User cannot change password with an error Read ONLY external database. Number of Views Limiting users to one token per user ID in RSA Authentication Manager 8.x Number of Views
Trending Articles
RSA SecurID software token .sdtid file fails to import into RSA SecurID Software Token 5.0 for Windows RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager Patch Updates Unable to login to RSA Authentication Manager Security Console as super admin RSA Authentication Manager Upgrade Process
Don't see what you're looking for?
