This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
DaveDicken
Beginner
Beginner
‎2018-06-22 02:16 PM

Expired license

This document describes the need to have a license installed before logging out of AM or restarting the appliance:

 

https://community.rsa.com/docs/DOC-77042

 

What happens in this scenario if you do log out or restart?

 

As a routine part of our security review, our security team is evaluating other products &, since our license/support expires shortly, I need to brief them on the implications of what will (or will not) happen if we let our license expire during any potential transition to another product.  Does the license actually expire?  ...or does this document only apply if you actually uninstall the license?

0 Likes
Reply
6 Replies
_EricaChalfin
Employee (Retired) Employee (Retired)
Employee (Retired)
‎2018-06-22 10:24 PM

Dave Dicken‌,

 

I've moved your question to the RSA SecurID Access" data-type="space space where it will be seen by the product's support engineers, other customers and partners.  Please bookmark this page and use it when you have product-specific questions.

 

Alternatively, from the RSA Customer Support" data-type="space page, click on Ask A Question on the blue navigation bar and choose Ask A Product Related Question.  From there, scroll to RSA SecurID Access" data-type="space and click Ask A Question.  That way your question will appear in the correct space.

* * * 

I am glad you looked over our documentation on how to Uninstall a License for Authentication  Manager.  Please also review knowledge article 000013162 - The customer account identifier in the license does not match that stored in the system message when install… , which provides more detail.

Regards,

Erica

0 Likes
Reply
EdwardDavis
Employee
Employee
‎2018-06-25 09:41 AM

If a license expires while running, it all works until system is restarted. Then it won't authenticate until license issues are resolved.

 

If a license is removed, and system starts with no license, everything starts up except the authentication ports. However, unlike an expired license, some menus like system settings are inaccessible. Of course, the ability to install a license is not removed.

 

In other words, in either scenario...you can manage the system somewhat you just cannot authenticate anyone except admins with passwords to the console.

 

pastedImage_1.png

0 Likes
Reply
DaveDicken
Beginner
Beginner
In response to EdwardDavis
‎2018-06-25 10:06 AM

Thanks for replying. So is the only real impact in the area of console access & therefore the inability to make any changes? Would there be any impact to users – specifically whether their VPN access would be disrupted?

 

Thank you,

Dave

0 Likes
Reply
_EricaChalfin
Employee (Retired) Employee (Retired)
Employee (Retired)
In response to DaveDicken
‎2018-06-25 10:41 AM

Dave Dicken‌,

 

If a user is already authenticated, their session will not drop during the license upgrade process.  Any users trying to authenticate in that small time frame between when you uninstall the license and install the new one will get an authentication failure message.  If they wait a minute or two and try again, they should authenticate successfully.

 

Regards,

Erica

0 Likes
Reply
DaveDicken
Beginner
Beginner
In response to _EricaChalfin
‎2018-06-25 03:47 PM

Sorry, but just to be clear I need to know since we are within days of our current license expiring….

 

Will users only get an authentication failure message during the actual uninstall/install of the license? In other words, if our license expires but we are not in the middle of uninstall/install of the license will users still be able to authenticate?

 

Thank you,

Dave

0 Likes
Reply
_EricaChalfin
Employee (Retired) Employee (Retired)
Employee (Retired)
In response to DaveDicken
‎2018-06-25 04:48 PM

Dave Dicken‌,

 

Your users that are authenticated before you swap out the license will remain authenticated.  Their sessions will not drop.  Any users who attempt to authenticate during the uninstall/install process will see their authentication fail.   If you go through the license uninstall/install process (which takes less than five minutes, including you going down the hall for a cup of coffee), it is only for that brief moment where the old license has been removed and the new license is not yet installed that your not-yet-authenticated users will fail authentication.  The reason for this is because during that window you are essentially licensed for zero users.

 

The license information is passed to the Authentication Manager software after a reboot or restart of Authentication Manager services.  If the license is expired, the license check fails and the software shuts down port 5500, which in turn means all users authentication attempts will fail until a new trial license or a production license is installed, which reopens port 5500.  This is why we tell you not to reboot or restart.  We don't want to force you into  a situation where the license check fails.

 

WHen does your trial expire?  Have you requested your new license yet?  

 

Regards,

Erica

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.