This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Announcements
SecurID® Knowledge Base
Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.
- RSA Community
- :
- Products
- :
- SecurID
- :
- Knowledge Base
- :
- RSA Authentication Manager 6.1.2 Database Dump Program Fails in a UNIX Environment
-
Options
- Subscribe to RSS Feed
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
RSA Authentication Manager 6.1.2 Database Dump Program Fails in a UNIX Environment
Article Number
000031357
Applies To
| RSA Product Set | SecurID |
| RSA Product/Service Type | RSA Authentication Manager |
| RSA Version/Condition | 6.1.2 or later |
| Platform | UNIX |
| Product Description | Authentication Manager |
Issue
There is a requirement to migrate RSA Authentication Manager 6.1.2 production data from a once supported UNIX environment to an RSA Authentication Manager 8.1 deployment.
The database dump program (sddump) is failing to locate a file called sdcfgval and does not generate a database dump file.
The database dump program (sddump) is failing to locate a file called sdcfgval and does not generate a database dump file.
Cause
A possible cause would be the sddump program has no system variables set to provide it access to the authentication manager instance.
Resolution
UNIX based environments usually require system variables set to ensure the success of the program being used to access the authentication manager 6.1.2 databases (server & log). RSA Authentication Manager 6.1.2 on a UNIX platform has a file called admenv located in the ACEUTILS folder that reveals the environment (system) variables that can be used to create a shell script for running the authentication manager programs (such as the database dump program; sddump).
Example; taken from an installed authentication manager 6.1.2 primary instance on Red Hat 3 Update 8 Enterprise Linux
Example; taken from an installed authentication manager 6.1.2 primary instance on Red Hat 3 Update 8 Enterprise Linux
[root@redhat3u8P utils]# ./admenv
---------------------------------------------------------------------
The following environment variables must be set in order to use the
administration toolkit. They must be set for each individual toolkit
user or set globally for all users.
---------------------------------------------------------------------
USR_ACE=/opt/ace/prog
VAR_ACE=/opt/ace/data
DLC=/opt/ace/rdbms
PROPATH=/opt/ace/prog/proapi/adbapi.pl:/opt/ace/prog/proapi/sdproapi.pl:/opt/ace/prog/protrig:/opt/ace/prog
LD_LIBRARY_PATH=/opt/ace/prog
[root@redhat3u8P utils]#
NOTE: The authentication manager 6.1.2 default installation folder on a once supported UNIX platform was /opt/ace and ACEUTILS refers to the default /opt/ace/utils folder location.
Steps to create the shell script to dump the server database
| 1. | Navigate to the ACEUTILS folder either using either the file ownership account for authentication manager (i.e. aceadmin) or the root account. To start creating the shell script enter the command : ./admenv > /tmp/serverdump.sh |
| 2. | Edit /tmp/serverdump.sh and remove the top seven lines so it leaves the following lines:
USR_ACE=/var/ace/progVAR_ACE=/var/ace/data
DLC=/var/ace/rdbms
PROPATH=/var/ace/prog/proapi/adbapi.pl:/var/ace/prog/proapi/sdproapi.pl:/var/ace/prog/protrig:/var/ace/prog
LD_LIBRARY_PATH=/var/ace/prog
Add these two lines to the end of the shell script:
export USR_ACE VAR_ACE DLC PROPATH LD_LIBRARY_PATH
$USR_ACE/sddump –s
NOTE: use the -l parameter with the sddump program to dump the log databaseSet the permissions of the shell script using a chmod command: chmod 755 /tmp/serverdump.sh |
| 3. | Determine who started the authentication manager 6.1.2 instance with the command : ps –ef | grep ace Example:
[root@redhat3u8R /]# ps -ef | grep aceroot 1360 1 0 09:40 pts/0 00:00:00 /opt/ace/prog/_mprosrv /opt/ace/data/sdserv -N TCP -S sdserv -pf /opt/ace/prog/sdserv.pf
root 1363 1 0 09:40 pts/0 00:00:00 /opt/ace/rdbms/bin/_mprshut /opt/ace/data/sdserv -C apw
root 1366 1 0 09:40 pts/0 00:00:00 /opt/ace/rdbms/bin/_mprshut /opt/ace/data/sdserv -C biw
root 1368 1 0 09:40 pts/0 00:00:00 /opt/ace/prog/_mprosrv /opt/ace/data/sdlog -N TCP -S sdlog -pf /opt/ace/prog/sdlog.pf
root 1371 1 0 09:40 pts/0 00:00:00 /opt/ace/rdbms/bin/_mprshut /opt/ace/data/sdlog -C apw
root 1374 1 0 09:40 pts/0 00:00:00 /opt/ace/rdbms/bin/_mprshut /opt/ace/data/sdlog -C biw
root 1383 1 0 09:40 pts/0 00:00:00 /opt/ace/prog/sdoad
root 1673 1 0 09:40 ? 00:00:00 acesyncd -ReplicaID 1
root 1699 1 0 09:40 ? 00:00:00 /opt/ace/prog/_aceserver_fe
root 1701 1 0 09:40 ? 00:00:00 _aceserver_be
root 1703 1 0 09:40 ? 00:00:00 _aceserver_be
root 1734 1239 0 09:41 pts/0 00:00:00 grep ace
[root@redhat3u8R /]#
NOTE: in the above example the first column is showing that root owns the authentication manager processes. |
| 4. | Stop the authentication manager services using the account that was used to start the authentication manager services In my example, root was used to start the authentication manager services so root can stop the authentication manager services..
<AMHOME>/prog/aceserver stop
<AMHOME>/prog/sdconnect shutdown
<AMHOME>/prog/sdconnect clean
..where <AMHOME> is the folder where the authentication manager software was installed (by default this location is /opt/ace) |
| 5. | Navigate to the <AMHOME> folder and run the shell script to dump the server database with the command : /tmp/serverdump.sh A server database dump file called sdserv.dmp is created in the current folder <AMHOME>. NOTE: the database dump is encrypted with a security block that was created during the authentication manager installation and is present in the license record (license.rec). To decrypt the database dump file, perhaps for migration purposes, a copy of the license record is required. |
| 6. | Start the authentication manager services using either the file ownership account or root
<AMHOME>/prog/sdconnect/start
<AMHOME>/prog/aceserver start
|
Notes
IMPORTANT : Only 6.1.2 authentication manager database dumps are supported for migrating data into an RSA Authentication Manager 8.1 deployment.
Contacting RSA Customer Support
Contacting RSA Customer Support
| Telephone | For urgent issues use on of the telephone numbers listed at URL http://www.emc.com/support/rsa/contact/phone-numbers.htm |
| For non-urgent issues email support@rsa.com | |
| Case Management | Case Management is found at URL https://knowledge.rsasecurity.com/scolcms/mysupport.aspx (requires access to RSA SecurCare Online) |
No ratings
