Repair Connection

When Authentication Manager 8.7 SP2 or later is successfully connected to Cloud Authentication Service (CAS), Authentication Manager attempts to configure newer features such as the notification channel (from CAS/IDR to Authentication Manager) and user synchronization (from Authentication Manager internal database to CAS). During this process, if there are any configuration failures, Authentication Manager activates the Repair Connection button to help resolve those issues without having to reconnect to the Cloud.

Before you begin 

You must be a Super Admin.

Procedure 

  1. From the Security Console, click Setup > System Settings.

  2. In the Authentication Settings section, click RSA Cloud Authentication Service Configuration.

  3. Under Register RSA Authentication Manager with RSA Cloud Authentication Service, click Repair Connection.
    A message appears to confirm whether the issues have been resolved or not.

Repairing the Cloud Connection Issues

Following are the possible Cloud connection failures and their corrective actions:

Scenario: The configuration exchange between Authentication Manager and CAS to enable the notification channel fails.
Warning Message: The configuration data exchange between Authentication Manager and CAS has failed.
Action: Click Repair Connection to resolve the issue.

Scenario: The identity source for user synchronization on Authentication Manager does not match the one present on CAS.
Warning Message: User synchronization from the Authentication Manager (AM) Internal Database to CAS failed due to an Identity Source internal ID mismatch between AM and CAS. To fix this error, delete the Identity Source in CAS, disable the user sync in AM, then reenable user sync in AM.
Action: Delete the identity source on CAS, disable user synchronization on Authentication Manager, and then reenable user synchronization in AM.

Scenario: The identity source for user synchronization is not present on CAS but is present on AM.
Warning Message: User synchronization from the Authentication Manager (AM) Internal Database to CAS failed because an AM Internal Database Identity Source is not present in CAS. To fix this error, disable the user sync in AM, then reenable user sync in AM.
Action: Disable user synchronization on Authentication Manager, and then reenable user synchronization in AM.

Scenario: The identity source for user synchronization is not present on AM but is present on CAS.
Warning Message: The CAS tenant is synchronizing users to an Authentication Manager (AM) server instance. To stop this user synchronization, delete the 'Authentication Manager Internal Database' Identity Source, which deletes all its users and authenticators in CAS, then click the Repair Connection button in AM.
Action: Delete the identity source on CAS, and then click the Repair Connection button in Authentication Manager.

Scenario: The identity source for user synchronization is disabled on CAS.
Warning Message: Synchronization of users from the Authentication Manager (AM) Internal Database to CAS failed because the AM Identity Source in CAS has been disabled. To resolve this error, enable the AM Internal Database ID source in CAS, then click the 'Repair Connection' button in AM.
Action: Enable the identity source on CAS, and then click the Repair Connection button in Authentication Manager.

Scenario: User synchronization failed because the identity source was unavailable in CAS during synchronization.
Warning Message: Synchronization of users from the Authentication Manager (AM) Internal Database to CAS failed because the AM identity source is missing in CAS. To resolve this error, disable user synchronization from AM to CAS and save it, then enable user synchronization again.
Action: Disable the user synchronization on Authentication Manager.

Scenario: The connection status between Authentication Manager and CAS is unhealthy.
Warning Message: There is an API key mismatch between CAS and the Authentication Manager (AM) so AM is no longer authorized to communicate with CAS. To resolve this error, go to RSA Cloud Authentication Service Configuration and follow the steps in the Register RSA Authentication Manager with the RSA Cloud Authentication Service section.
Action: Reconnect to CAS.