This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
ERICSUCHON
Beginner
Beginner
‎2018-11-06 09:00 AM

"Self Service Console URL" is an invalid URL - using a valid URL

Jump to solution

Hi all,

 

I've inherited the RSA Security Console role and wanted to get my Self Service portal up for my end users. 

I'm currently working out of the Self-Service Settings: Customization > E-mail Notifications for User Account Changes page. 

 

I see in the Self Service Console URL that the expected URL for the server is populated already.   All I'm trying to do is change the e-mail notifications/e-mail template on this page and when I save it, I get an error regarding the Self Service Console URL.

 

I've verified I can log into the self service console using the same URL.

 

URL format is https://server.domain:7004/console-selfservice

What are my next steps?

Thank you!

0 Likes
Reply
1 Solution

Accepted Solutions
EdwardDavis
Employee
Employee
In response to David
‎2020-01-02 12:24 PM

Jump to solution

What is the last part of the DNS name, is it a non-standard domain like .sms, or unusual, or custom, or internal only ?

because.... if you use email addresses with custom or non-standard domains (name@company.sss is one example) you would need to edit a configuration file and add the non-standard domain to a list, so you can then save pages with the custom email addresses....otherwise any page with a non-standard domain will throw an error simply by saving the page without changes, until the ims.properties file is modified.

 

 

I only know this affects email address...

so I am wondering if this issue is because the system name itself has a non-standard domain,

and if adding it to the ims.properties file config file would have any effect ?

 

About this: (fyi this is all from Security Console help menu)

Apache components included in the Authentication Manager appliance prevent the use of nonstandard email domains, such as .bank, .law, and .sms. Authentication Manager allows the nonstandard .local domain.

 

To use other nonstandard domains, you must edit the Authentication Manager ims.properties file on each primary and replica instance.

 

Before you begin 

The rsaadmin operating system password for the primary instance is required.

Procedure 

  1. Log on to the primary instance appliance with the User ID rsaadmin and the current operating system password:
    • On a hardware appliance, an Amazon Web Services appliance, or an Azure appliance, log on to the appliance using the SSH client.
    • On a VMware virtual appliance, log on to the appliance using an SSH client or the VMware vSphere client.
    • On a Hyper-V virtual appliance, log on to the appliance using an SSH client, the Hyper-V System Center Virtual Machine Manager Console, or the Hyper-V Manager.
  2. Change directories:

    cd /opt/rsa/am/utils/resources

  3. In a text editor, such as the vi editor, open the ims.properties file.
  4. If the validDomainList line does not exist, only the .local nonstandard domain is supported, and you must add validDomainList to support additional nonstandard domains:

    validDomainList=.nonstandard;.local;

    Where nonstandard is the name of the nonstandard domain. For example, to support a .sms and a .local email domain, you would enter validDomainList=.sms;.local;

    You can add more than one nonstandard domain. Separate each name with a semicolon.

  5. Save your changes. For example, in the vi editor, type :wq!.
  6. Change directories:

    cd /opt/rsa/am/server

  7. Restart Authentication Manager services:

    ./rsaserv restart all

    The nonstandard domains are listed in /opt/rsa/am/utils/resources/ims.properties.

  8. The ims.properties file is not replicated. If you promote a replica instance, you must repeat this procedure, unless you prepare for promotion by repeating these steps on each Authentication Manager instance in your deployment.

 

 

View solution in original post

Reply
5 Replies
EdwardDavis
Employee
Employee
‎2018-11-06 11:30 AM

Jump to solution

a) What full version of Auth Manager ? 8.x.x.x.x ? 

 

b) How about making no changes to the email template, can you save the page then ?

 

in case you have syntax errors, here is the default content to revert to

 

To

${Principal.Email}   not editable

CC

blank

 

Subject

Recent Account Change: ${MailComposer.RequestType}

 

Body

Recent account change: ${MailComposer.NL}${MailComposer.NL}
Account change: ${MailComposer.RequestType}${MailComposer.NL}
Performed by: ${Principal.UserID}${MailComposer.NL}
Date of account change: ${MailComposer.RequestDate}${MailComposer.NL}${MailComposer.NL}
If you have not authorized this change, please contact your administrator with the information in this e-mail.

Reply
David
Frequent Contributor
Frequent Contributor
In response to EdwardDavis
‎2019-12-27 05:48 AM

Jump to solution

Hi Edward,

 

Burring out this subject as I'm getting exactly the same error.

From reading your post, I tried just to "Edit" and "Save" without any modification in the form, and RSA AM is throwing me this :

RSA Security Console - Self-Service Configuration_ E-mail Notifications for User - Edit.png

RSA Security Console - Self-Service Configuration_ E-mail Notifications for User.png

[ RSA AM version : 8.3, no patch ]

 

 

Kind Regards,

 

David

0 Likes
Reply
StevenSpicer
Valued Contributor Valued Contributor
Valued Contributor
In response to David
‎2020-01-02 10:29 AM

Jump to solution

Hello David,

If you haven't already, you should open a case on this with RSA Support (https://community.rsa.com/docs/DOC-1294 ) so you can discuss the details of the URL in a non-public setting.

Steve Spicer

Reply
EdwardDavis
Employee
Employee
In response to David
‎2020-01-02 12:24 PM

Jump to solution

What is the last part of the DNS name, is it a non-standard domain like .sms, or unusual, or custom, or internal only ?

because.... if you use email addresses with custom or non-standard domains (name@company.sss is one example) you would need to edit a configuration file and add the non-standard domain to a list, so you can then save pages with the custom email addresses....otherwise any page with a non-standard domain will throw an error simply by saving the page without changes, until the ims.properties file is modified.

 

 

I only know this affects email address...

so I am wondering if this issue is because the system name itself has a non-standard domain,

and if adding it to the ims.properties file config file would have any effect ?

 

About this: (fyi this is all from Security Console help menu)

Apache components included in the Authentication Manager appliance prevent the use of nonstandard email domains, such as .bank, .law, and .sms. Authentication Manager allows the nonstandard .local domain.

 

To use other nonstandard domains, you must edit the Authentication Manager ims.properties file on each primary and replica instance.

 

Before you begin 

The rsaadmin operating system password for the primary instance is required.

Procedure 

  1. Log on to the primary instance appliance with the User ID rsaadmin and the current operating system password:
    • On a hardware appliance, an Amazon Web Services appliance, or an Azure appliance, log on to the appliance using the SSH client.
    • On a VMware virtual appliance, log on to the appliance using an SSH client or the VMware vSphere client.
    • On a Hyper-V virtual appliance, log on to the appliance using an SSH client, the Hyper-V System Center Virtual Machine Manager Console, or the Hyper-V Manager.
  2. Change directories:

    cd /opt/rsa/am/utils/resources

  3. In a text editor, such as the vi editor, open the ims.properties file.
  4. If the validDomainList line does not exist, only the .local nonstandard domain is supported, and you must add validDomainList to support additional nonstandard domains:

    validDomainList=.nonstandard;.local;

    Where nonstandard is the name of the nonstandard domain. For example, to support a .sms and a .local email domain, you would enter validDomainList=.sms;.local;

    You can add more than one nonstandard domain. Separate each name with a semicolon.

  5. Save your changes. For example, in the vi editor, type :wq!.
  6. Change directories:

    cd /opt/rsa/am/server

  7. Restart Authentication Manager services:

    ./rsaserv restart all

    The nonstandard domains are listed in /opt/rsa/am/utils/resources/ims.properties.

  8. The ims.properties file is not replicated. If you promote a replica instance, you must repeat this procedure, unless you prepare for promotion by repeating these steps on each Authentication Manager instance in your deployment.

 

 

Reply
David
Frequent Contributor
Frequent Contributor
In response to EdwardDavis
‎2020-01-06 04:38 AM

Jump to solution

Hi Steven, Ed,

 

@Steven : you were right about the non-standard domain name

 

@Ed : Thanks for your answer and explanation.

You are absolutely completely RIGHT !!! The "validDomainList" trick did it 100% !    🙂

 

I have no more issue when saving now :

2020-01-06 10_31_42-RSA Security Console - Self-Service Settings.png

 

Many thanks !

 

Taking profit of this post to wish an happy new year to all RSA staff !

 

Kind Regards,

David

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.