RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.4.0.2.0
The software update log file (e. g., update-8.4.0.2.0-build1406696-20190328110907.log) found in the /opt/rsa/am/server/logs directory reports the following messages:
262305 2019-03-28 11:16:12,814 INFO: Deploying wrapper conf for RSA Replication (Primary)
[copy] Copying 1 file to /tmp/rsa-install-2019-03-28-11-11-53/replication-wrapper-templates
[java] Initializing WebLogic Scripting Tool (WLST) ...
[java] Welcome to WebLogic Server Administration Scripting Shell
[java] Type help() for help on available commands
[java] Problem invoking WLST - Traceback (innermost last):
[java] File "/tmp/rsa_update/iso/rsa/scripts/wlst/update-deployed-apps.py", line 36, in ?
[java] File "/tmp/WLSTOfflineIni8843577475581477868.py", line 139, in updateDomain
[java] File "/tmp/WLSTOfflineIni8843577475581477868.py", line 19, in command
[java] 60716: The domain contains online pending unactivated changes, offline changes will be ignored on activation of pending changes.
[java] 60716: The domain contains online pending unactivated changes.
[java] 60716: Activate or undo the pending changes before upgrading domain using WLST offline script.
[java] at com.oracle.cie.domain.script.jython.CommandExceptionHandler.handleException(CommandExceptionHandler.java:69) [java] at com.oracle.cie.domain.script.jython.WLScriptContext.handleException(WLScriptContext.java:2983)
[java] at com.oracle.cie.domain.script.jython.WLScriptContext.runCmd(WLScriptContext.java:735)
[java] at sun.reflect.GeneratedMethodAccessor178.invoke(Unknown Source)
[java] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[java] at java.lang.reflect.Method.invoke(Method.java:498)
[java] com.oracle.cie.domain.script.jython.WLSTException:
com.oracle.cie.domain.script.jython.WLSTException: Error updating domain:
[java] 60716: The domain contains online pending unactivated changes, offline changes will be ignored on
activation of pending changes.
[java] 60716: The domain contains online pending unactivated changes.
[java] 60716: Activate or undo the pending changes before upgrading domain using WLST offline script.
[java] Error: runCmd() failed. Do dumpStack() to see details.
You must apply a software update to the primary and all replica instances in your RSA Authentication Manager deployment. Make sure you apply the software update to the primary instance first before applying the software update to the replica instances, one replica at a time.
In most cases the Authentication Manager software update installer rolls back the Authentication Manager instance to the previous version of software and in a stable condition.
Before applying the RSA Authentication Manager 8.4 patch 2 software update again to the Authentication Manager instance, an administrator can perform the following checks:
- Check all of the Authentication Manager services are running. At the command line use the following command :
/opt/rsa/am/server/rsaserv status all
- Check whether a file called config.xml exists in /opt/rsa/am/server/pending:
Where the file /opt/rsa/am/server/pending/config.xml exists, the administrator must move the config.xml file to the /tmp folder with the command mv /opt/rsa/am/server/pending/config.xml /tmp.
- Take a backup before applying the RSA Authentication Manager 8.4 patch 2 software update. Use the steps available on how to Create a Backup Using Back Up Now.
- Apply the RSA Authentication Manager 8.4 patch 2 software to the Authentication Manager instance. Refer to the steps on Upgrading RSA Authentication Manager.
During the update process the administrator will be prompted to enter the rsaadmin password. At this point of the software update please check if /opt/rsa/am/server/pending/config.xml has returned and remove it/or move it to the /tmp folder. Keep checking the /opt/rsa/am/server/pending folder for the presence of the config.xml file during the software update process and remove it.
Note that during Quick Setup another user name may have been selected other than rsaadmin. Use that user name to login.
- Check all of the Authentication Manager services are running after the software update. At the command line run:
/opt/rsa/am/server/rsaserv status all
Related Articles
Port Traffic for RSA Authentication Manager Number of Views Checklist for successful promotion of RSA Authentication Manager 8.x replica instance for maintenance Number of Views Authentication Manager 8.x Replica RADIUS Authentication Fails: Missing or Invalid Product Setting Number of Views Ports for the RSA Authentication Manager Instance Number of Views Testing TCP ports on RSA Authentication Manager 8.x instances with a script (Script attached) Number of Views
Trending Articles
Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide How to Download OTP Token Seed Files from myRSA RSA Authentication Manager 8.9 Release Notes (January 2026)
