An administrator has a requirement to lookup user data information in the Authentication Manager database, perhaps where a duplicate user ID is being reported in the Security Console.
This knowledge article provides a Linux shell script which can be executed on a primary instance in an Authentication Manager deployment to search user data in the Authentication Manager database to look up User IDs and Logon Aliases. The Linux shell script has a option to enter a token serial number to lookup user information, especially where the assigned user to a token is displayed as <unknown> in the Security Console.
An example of the menu provided by the Linux shell script:
RSA Customer Support (Asia Pacific) - Wed Feb 1 14:24:17 AEDT 2023
Look up a User ID and associated Logon Aliases in Authentication Manager (AM)
AM hostname : <hostname>
AM version : 8.n.n.n.n
1) Lookup a User ID
2) Token Serial Number to Lookup a User ID
Please select an option
When the administrator exits the program a log file name is provided. For example:
- log filename : /tmp/userid_logfile_202302011450.log
Please note the Linux shell script must be run with root privileges and requires the Operations Console username and password to read the data stored in the Authentication Manager database.
- Download and copy the attached 'lookupuserid.sh' shell script into the /tmp folder on the primary instance in the Authentication deployment. Use the procedure at URL https://community.rsa.com/t5/securid-authentication-manager/enable-secure-shell-on-the-appliance/ta-p/630093 to enable secure shell on the Appliance, if needed. Where secure shell has been enabled, a secure FTP client, such as WinSCP, can be used to copy the shell script into the /tmp folder.
- Change the permissions of the lookupuserid.sh so it can be run at the command line:
chmod 755 /tmp/lookupuserid.sh
- Logon to the Authentication Manger instance with the rsaadmin account, either in an secure shell session or at the local console.
- Elevate the privileges of the rsaadmin account using the command:
- Navigate to the /tmp folder using the command:
- Run the shell script program using the command: