SecurID® Knowledge Base
Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.
Article Number
000036640
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue
When setting up On-Demand Authentication (ODA) for SMS on RSA Authentication Manager 8.x via the Security Console (Setup > System Settings > Authentication Settings > On-Demand Tokencode Delivery > SMS Configuration) the following error displays:
The indicated field (s) on this page require your attention.
"Account Password" cannot be greater than 100 characters
Image description
The indicated field (s) on this page require your attention.
"Account Password" cannot be greater than 100 characters
Image descriptionCause
Per design, the default On-Demand Tokencode Delivery for SMS on RSA Authentication Manager 8.x allows the SMS Provider Configuration Account Password field to have a maximum of 100 characters. However, some SMS service providers share the Account Password, which exceeds this limit.
Resolution
Before continuing with the steps below, please take a backup of your database via the Operations Console (Maintenance > Backup and Restore > Backup Now).
- Launch an SSH client, such as PuTTy.
- Login to the primary Authentication Manager server as rsaadmin and enter the operating system password.
Note that during Quick Setup another user name may have been selected. Use that user name to login.
- Navigate to /opt/rsa/am/server/servers/console/tmp/_WL_user/console-ims/<alphanumeric _named _directory>/war/WEB-INF
The <alphanumeric_named_directory> is sr8qlq on this Authentication Manager server. This value will be different in each customer deployment.
- Make a backup of the validation-am.xml.
- Open the validation-am.xml with vi.
login as: rsaadmin Using keyboard-interactive authentication. Password: <enter operating system password> Last login: Mon Aug 27 13:33:27 2018 from jumphost.vcloud.local RSA Authentication Manager Installation Directory: /opt/rsa/am rsaadmin@am82p:/opt/rsa/am> cd /opt/rsa/am/server/servers/console/tmp/_WL_user/console-ims/sr8qlq/war/WEB-INF/ rsaadmin@am82p:/opt/rsa/am/server/servers/console/tmp/_WL_user/console-ims/sr8qlq/war/WEB-INF> cp validation-am.xml validation-am.xml.bk rsaadmin@am82p:/opt/rsa/am/server/servers/console/tmp/_WL_user/console-ims/sr8qlq/war/WEB-INF> vi validation-am.xml
- Search for the httpSmsSvcPassword field in the xml. Underneath that look for the stanza of <var-name>maxlength</var-name> <var-value>100</var-value>:
<field property="httpSmsSvcPassword" depends="requiredif,maxlength">
<arg key="AM.OnDemandCodeConfig.prelabel.Account.3" position="0" />
<arg name="maxlength" key="${var:maxlength}" resource="false" position="1"/>
...
<var-name>maxlength</var-name> <var-value>100</var-value>
- Change maxlength from 100 to 256 characters, as shown. Note: If the Account Password is longer than 256 characters, make changes accordingly to accommodate the new password length.
<var-name>maxlength</var-name> <var-value>256</var-value>
- Save and close the file when done.
- Restart the RSA Authentication Manager services for the changes to take effect.
rsaadmin@am82p:/opt/rsa/am/server/servers/console/tmp/_WL_user/console-ims/nq9mdg/war/WEB-INF> cd /opt/rsa/am/server/ rsaadmin@am82p:/opt/rsa/am/server> ./rsaserv restart all
In this article
