SecurID^® Governance & Lifecycle 7.2 Enablement

ShlomoKatz · ‎2020-03-15

Migrated Prod 7.1 Oracle 12c database to dev 7.2 Oracle 12c appliance.

Prod, and previous dev, environment use ADFS SSO for authentication.

The migration went ok and ACM started, however:

When I access the UI, it automatically redirects to Prod ADFS SSO.

I am trying to bypass with /aveksa/main?SSOLogin=false&PageID=LoginPage

but even that redirects to PROD.

In other words:

Removing the security domain for ADFS from aveksa-standalone-full.xml , is always overwritten with the old server information.

Any thoughts?

Thank you

MHelmy · ‎2020-03-16

Not the best solution, but you can mark that authentication source as deleted from the database then restart the application.

Something like:

update t_auth_configurations set IS_DELETED='TRUE' where AUTH_PROVIDER_NAME='<Your_Auth_Source>';

commit;

MHelmy · ‎2020-03-16

Also if you have not copied over the database KEKs (encryption keys), then you won't be able to login as AveksaAdmin and pretty much all stored passwords won't work (Collectors, Connectors … etc).

Make sure you copy all files under /home/oracle/security from your Prod environment and overwrite the ones under /home/oracle/security in your new Dev environment.

ShlomoKatz · ‎2020-03-16

Thank you to both suggestions.

I did they Security folder late last night.

But I appreciate the SQL command.

SecurID® Governance & Lifecycle 7.2 Enablement

Can you disable ADFS SSO Authentication from a config file?

SecurID^® Governance & Lifecycle 7.2 Enablement