Backup and restore on two different Authentication Manager servers
Please note:
1. To restore the data on a different machine, you must add a flag "-D" or "--transfer" in the command when backup and restore.
2. Besides the database server service, the database listener and database instance service must also be started when restoring the database.
How to Move RSA Authentication Manager 7.1 SP4 data to a new system:
- On the new system:
1) Install clean RSA Authentication Manager 7.1 SP4 full installation kit - installed using the same administrative accounts and master password as the previous production system to ensure the encrypted IMS data backup restores correctly.
2) You will need to add the Radius server through the Operations Console just as you did for the existing AM 7.1 configurations before restoring the database.
On the existing AM 7.1 system:
1) Take a backup on the current Appliance system which runs AM 7.1sp 4:
<!--[if !supportLineBreakNewLine]-->
<!--[endif]-->
<!--[if !supportLists]-->? <!--[endif]-->Open a CMD on the Primary, run:
<!--[if !supportLists]-->? <!--[endif]-->cd c:\Program Files\RSA Security\RSA Authentication Manager\utils
<!--[if !supportLists]-->? <!--[endif]-->rsautil manage-backups -a export -D ?f c:\backup.dmp
This will create two files in the /tmp directory, one named backup.dmp, the other named backup.secrets.
2) Archive/zip-up the Radius directory from here:
<!--[if !supportLists]-->? <!--[endif]-->cd c:\Program Files\RSA Security\RSA Authentication Manager\radius
3) Copy these files (the two dmp files and the radius.zip) over to the new system.
4) You can take this system off the network now to avoid IP/hostname conflicts with the new AM 7.1 system.
<!--[if !supportLineBreakNewLine]-->
<!--[endif]-->
On the new system:
1. Configure the RADIUS Server
2. Stop all Authentication Manager Services:
3. Then start the database listener, database instance, and database server services (needed for the db import):
4. Remove the primary metadata:
<!--[if !supportLists]-->? <!--[endif]-->Open a CMD on the Primary, run:
<!--[if !supportLists]-->? <!--[endif]-->cd c:\Program Files\RSA Security\RSA Authentication Manager\utils
<!--[if !supportLists]-->? <!--[endif]--> rsautil setup-replication -a remove-primary
5. Import the database:
<!--[if !supportLists]-->? <!--[endif]-->rsautil manage-backups -a import -D -f c:\backup.dmp
6. Reset the primary metadata:
<!--[if !supportLists]-->? <!--[endif]-->rsautil setup-replication -a set-primary
7. Copy the radius.zip file over to /RSA Security/RSA Authentication Manager
(It should then list out as /RSA Security/RSA Authentication Manager/radius/Service)
8. After the import completes and the radius folder is in place, start all the other RSA services
9. Login to the Security console and verify if users are there. Test authentication out.
Related Articles
Announcing the Release of SecurID Governance Lifecycle Cloud Number of Views How to configure CP-Gaia-SuperUser-Access attribute to be returned Number of Views How to check the TTLS ( LDAPS /ODA )certificate from the packet capture Number of Views A customer requests that a BIN in TEST environment be moved into PRODUCTION environment This procedure explains and provid… Number of Views Large volume of log files generated under AFX folder in RSA Governance & Lifecycle Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process How to Update the Root (Server) and Client Certificates in RSA Identity Governance & Lifecycle RSA Authenticator 6.2.2 for Windows Administrator Guide RSA SecurID software token .sdtid file fails to import into RSA SecurID Software Token 5.0 for Windows RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide
