This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.

Name or service not known error when connecting Identity Router (IDR) to RSA Authentication Manager

Article Number

000038163

Applies To

RSA Product Set: SecurID Access
RSA Product/Service Type: Identity Router
 

Issue

After completing steps to Enable RSA SecurID Token Users to Access Resources Protected by the Cloud Authentication Service, the Identity Router > Authentication Manager connection fails. The following error is seen:
 
2019-11-08/16:29:28.607/UTC [pool-4-thread-11] ERROR com.rsa.authagent.authapi.v8.logger.b[?] - the current host is unknownde-sal-v-rir001: de-sal-v-rir001: Name or service not knownIDRHOSTNAME: IDRHOSTNAME: Name or service not known
2019-11-08/16:29:28.607/UTC [pool-4-thread-11] ERROR com.rsa.nga.sidproxy.SidAuthentication[265] - Failed to verify session factory
com.rsa.authagent.authapi.AuthAgentException: com.rsa.authagent.authapi.AuthAgentException: the current host is unknownIDRHOSTNAME: IDRHOSTNAME: Name or service not knowndIDRHOSTNAME: IDRHOSTNAME: Name or service not known
 

Where, IDRHOSTNAME is the portal hostname of the IDR defined in step 8 of Add an Identity Router using the Cloud Administration Console.


 

Cause

This error shows that the IDR is not able to resolve its own portal hostname.

Note: the Identity Router's portal hostname FQDN can be viewed in either of two places:
  • In the Cloud Administration Console Platform > Identity Routers page, select Edit on the Identity Router. The FQDN is in the Portal Hostname field.
  • In the Identity Router's Setup Console, on the Network Settings page, under Protected Application Configuration. The FQDN is in the Identity Router HostName field. 
The two fields that are listed above should have the same value.

Resolution

Perform the following on all IDRs in your deployment:
  • If the IDR has two NICs:
  • If the IDR has a single NIC:
    • Add a static DNS entry that maps the IDR's portal hostname to its interface IP address. Include both the portal hostname FQDN and shortname (separated by a space) as the alias value.
Adding a static DNS entry should be enough to resolve the issue; however, it should also be verified that there is an A record in DNS that maps the IDR's portal hostname to either:
  • If the IDR has two NICs, use its own portal interface's IP address.
  • If the IDR has a single NIC, use its own management interface's IP address.
These required tasks are listed in the document on how to Enable RSA SecurID Token Users to Access Resources Protected by the Cloud Authentication Service.

Notes

0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2020-12-12 09:51 AM
Updated by:
Administrator Administrator

Related Content

© 2023 RSA Security LLC or its affiliates. All rights reserved.