Article Number
000036638
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager Prime/Authentication Manager Integration Service (AMIS)
Issue
Clearing the node secret file named securid for the Authentication Manager Integration Service (AMIS) agent both on the Authentication Manager Security Console and in the ..\RSA\amis\auth folder on the AMIS machine still rejects any login attempts from the (Help Desk Admin Portal (HDAP) or Self-Service Portal (SSP) with the Authentication Activity monitor logging the following error message:
Node secret mismatch: cleared on server but not on agent
Image description
Cause
Typically, AMIS looks for the node secret file in the location defined in the rsa_api.properties file for the SDNDSCRT_LOC variable. By default, the SDNDSCRT_LOC is set to C:\RSA\amis\auth\securid.
Clearing the node secret on the AMIS machine under ..\RSA\amis\auth makes no difference, as AMIS still continues to look for the node secret file in C:\RSA\amis\auth\securid and simply rejects the authentication request, as it cannot find one there.
Resolution
To work around this issue,
- Delete the securid file under ..\RSA\amis\auth on the AMIS machine.
- Update the rsa_api.properties file so that the SDNDSCRT_LOC points to C:\RSA\amis\auth.