Article Number
000036773
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue
Behavior
- An RSA administrator fails to access or connect to the Security Console and/or Operations Console.
- Services will not start and the Security Console, Operations Console and Self-Service Console are not accessible.
- When connected to the Authentication Manager server via SSH, vSphere or a direct connection, the RSA Administration Server with Operations Console service fails to start, causing all other services to fail except for the RSA Database Server service.
Image description
Facts
- Attempting to restart services with the ./rsaserv restart all command fails at the same stage.
- Attempted to reset the system properties with the command ./rsautil manage-secrets -a recover, but it did not resolve the issue.
- The machine’s host name is resolvable and the IP address is correct.
- Date, time and time zone on the server are all correct.
- Rebooting the server did not resolve the issue.
Cause
The AdminServerWrapper.log from the RSA_HOME/server/logs directory shows that the config.xml file was not found:
INFO | jvm 1 | main | 2018/09/24 06:24:38 | <Sep 24, 2018 6:24:38 AM EDT> <Info> <WebLogicServer> <BEA-000377> <Starting WebLogic Server with Java HotSpot(TM) 64-Bit Server VM Version 24.161-b13 from Oracle Corporation.>
INFO | jvm 1 | main | 2018/09/24 06:24:40 |
INFO | jvm 1 | main | 2018/09/24 06:24:40 | /opt/rsa/am/server/config not found
INFO | jvm 1 | main | 2018/09/24 06:24:40 |
INFO | jvm 1 | main | 2018/09/24 06:24:40 | No config.xml was found.
INFO | jvm 1 | main | 2018/09/24 06:24:40 | Would you like the server to create a default configuration and boot? (y/n):
INFO | jvm 1 | main | 2018/09/24 06:24:40 | Please enter y, n
INFO | jvm 1 | main | 2018/09/24 06:24:40 | There are 1 nested errors:
INFO | jvm 1 | main | 2018/09/24 06:24:40 |
INFO | jvm 1 | main | 2018/09/24 06:24:40 | weblogic.management.internal.InteractiveConfigurationException: /opt/rsa/am/server/config not found.
INFO | jvm 1 | main | 2018/09/24 06:24:40 | If you wish to have the server generate a default configuration file and boot, please re-execute your start command and respond to prompts or pass additional parameter of -Dweblogic.management.GenerateDefaultConfig.
Resolution
To resolve this issue, the administrator needs to import the config.xml file from any other replica available in the deployment.
Note that during Quick Setup a user name other than rsaadmin may have been selected. Use that name when following the steps below.
- Connect to the replica Authentication Manager server via SCP client.
- Login as the rsaadmin user with the current operating system password.
- Navigate to RSA_HOME/server/config
- Copy the config.xml file from the replica to the local machine.
- Connect to the primary Authentication Manager server via SCP client.
- Login as the rsaadmin user with the current operating system password.
- Navigate to RSA_HOME/server/config
- Transfer the config.xml from the local machine to this directory.
- Launch an SSH client, such as PuTTy.
- Login to primary Authentication Manager server as rsaadmin and enter the operating system password.
login as: rsaadmin
Using keyboard-interactive authentication.
Password: <enter operating system password>
- Navigate to /opt/rsa/server.
- Restart the RSA Authentication Manager services following the steps in article 000012810 - How to stop, start and restart RSA Authentication Manager 8.x services at the command line.