RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Platform: null
Platform (Other): null
O/S Version: null
Product Name: null
Product Description: null
To know RSA SecurID password encryption at rest.
OR
Detailed information about the internal database, external identity source, or both.
1) Ensure SSH access is enabled on the primary. Check this by logging on to the Operations Console and selecting Administration >
Operating System Access.
2) Open an SSH session on the Authentication Manager primary.
Login to the primary Authentication Manager server as rsaadmin and enter the operating system password.
Note that during Quick Setup another user name may have been selected. Use that user name to login.
Run the commands below to capture the com.rsa.db.dba.password, shown below.
On this server, the value is (asByoqA2vgpQwfYfET17RIWwzIqSaa) but will be different in your deployment of Authentication Manager.
Password hashing algorithm is SSHA256 as shown from ims_identity_source table output below:
login as: rsaadmin
Keyboard-interactive authentication prompts from server:
| Password:
End of keyboard-interactive prompts from server
Last login: Thu Mar 4 12:15:41 2021 from 192.168.20.1
RSA Authentication Manager Installation Directory: /opt/rsa/am
rsaadmin@amprimary:~> cd /opt/rsa/am/utils
rsaadmin@amprimary:/opt/rsa/am/utils> ./rsautil manage-secrets -a get com.rsa.db.dba.password
Please enter OC Administrator username: ocadmin
Please enter OC Administrator password: *********
com.rsa.db.dba.password: asByoqA2vgpQwfYfET17RIWwzIqSaa
rsaadmin@amprimary:/opt/rsa/am/utils> cd ../pgsql/bin
rsaadmin@amprimary:/opt/rsa/am/pgsql/bin> ./psql -h localhost -p 7050 -d db -U rsa_dba
Password for user rsa_dba:
psql.bin (9.4.1)
SSL connection (protocol: TLSv1.2, cipher: AES256-GCM-SHA384, bits: 256, compression: off)
Type "help" for help.
db=# select NAME,INTERNAL_STORE,SRC_TYPE,SALT_SIZE,PWD_ALGORITHM, DESCRIPTION from ims_identity_source;
name | internal_store | src_type | salt_size | pwd_algorithm | description
-------------------+----------------+----------+-----------+---------------+------------------------
Internal Database | t | 10 | 5 | SSHA256 | System Identity Source
Active Directory | f | 0 | 5 | SSHA256 |
AD test | f | 0 | 5 | SSHA256 |
AD test_2 | f | 0 | 5 | SSHA256 |
(4 rows)
db=#
IMS_IDENTITY_SOURCE table: Detailed information about the internal database, external identity source, or both.
file:///C:/Users/elassh/Downloads/SecurID/Guides/Developer%20Guide/auth_manager_developer_guide.htm#Production/AM_Developer_Guide/am_r_database_schema.html%3FTocPath%3DRSA%2520Authentication%2520Manager%2520Developer's%2520Guide%7CSQL%2520Access%2520to%2520the%2520RSA%2520Authentication%2520Manager%2520Database%7C_____1
Related Articles
Set the RSA Authentication Manager internal database password to optional Number of Views How to check the size of the internal database in RSA Authentication Manager 8.x Number of Views How to create Internal Database users without passwords in Authentication Manager 8.x Number of Views CyberArk CPM Plugin Configuration for RSA Authentication Manager - RSA Ready Implementation Guide Number of Views Add a User with Options to the Internal Database Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
