SecurID^® Knowledge Base

Yes

Article Number

000038150

Applies To

RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x

Issue

An administrator changed the IP address of the RSA Authentication Manager 8.x server from the Linux command line. After the change, services fail to start and UI consoles are not accessible. The /opt/rsa/am/server/logs/AdminServer.log shows the following error:

java.io.IOException: [Server:002664]Failed to start Admin Channel AdminChannel.
        at weblogic.server.channels.ServerSocketManager.createAndBindServerSockets(ServerSocketManager.java:132)
        at weblogic.server.channels.ServerSocketManager.createAndBindAllServerSockets(ServerSocketManager.java:89)
        at weblogic.server.channels.AdminPortService.createAndBindServerSockets(AdminPortService.java:108)
        at weblogic.server.channels.EnableAdminListenersService.start(EnableAdminListenersService.java:60)
        at weblogic.server.AbstractServerService.postConstruct(AbstractServerService.java:76)
        at sun.reflect.GeneratedMethodAccessor7.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.glassfish.hk2.utilities.reflection.ReflectionHelper.invoke(ReflectionHelper.java:1287)
        at org.jvnet.hk2.internal.ClazzCreator.postConstructMe(ClazzCreator.java:333)
        at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:375)
        at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:487)
        at org.glassfish.hk2.runlevel.internal.AsyncRunLevelContext.findOrCreate(AsyncRunLevelContext.java:305)
        at org.glassfish.hk2.runlevel.RunLevelContext.findOrCreate(RunLevelContext.java:85)
        at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2126)
        at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:116)
        at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:90)
        at org.glassfish.hk2.runlevel.internal.CurrentTaskFuture$QueueRunner.oneJob(CurrentTaskFuture.java:1237)
        at org.glassfish.hk2.runlevel.internal.CurrentTaskFuture$QueueRunner.run(CurrentTaskFuture.java:1168)
        at org.glassfish.hk2.runlevel.internal.CurrentTaskFuture$UpOneLevel.run(CurrentTaskFuture.java:786)
        at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:678)
        at weblogic.invocation.ComponentInvocationContextManager._runAs(ComponentInvocationContextManager.java:352)
        at weblogic.invocation.ComponentInvocationContextManager.runAs(ComponentInvocationContextManager.java:337)
        at weblogic.work.LivePartitionUtility.doRunWorkUnderContext(LivePartitionUtility.java:57)
        at weblogic.work.PartitionUtility.runWorkUnderContext(PartitionUtility.java:41)
        at weblogic.work.SelfTuningWorkManagerImpl.runWorkUnderContext(SelfTuningWorkManagerImpl.java:652)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:420)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:360)
Caused by: java.net.BindException: Cannot assign requested address
        at sun.nio.ch.Net.bind0(Native Method)
        at sun.nio.ch.Net.bind(Net.java:433)
        at sun.nio.ch.Net.bind(Net.java:425)
        at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:223)
        at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:74)
        at weblogic.socket.ServerSocketMuxer.newServerSocket(ServerSocketMuxer.java:69)
        at weblogic.server.channels.ServerSocketWrapper.newServerSocket(ServerSocketWrapper.java:119)
        at weblogic.server.channels.ServerSocketWrapper$1.run(ServerSocketWrapper.java:355)
        at weblogic.server.channels.ServerSocketWrapper.createAndSetServerSocket(ServerSocketWrapper.java:367)
        at weblogic.server.channels.ServerSocketWrapper.bind(ServerSocketWrapper.java:211)
        at weblogic.server.channels.ServerSocketManager.createBindAndEnableServerSocket(ServerSocketManager.java:162)
        at weblogic.server.channels.ServerSocketManager.createAndBindServerSockets(ServerSocketManager.java:126)
        ... 27 more

Cause

The RSA Authentication Manager network configuration must be changed at the operating system level, and at the application level. Any discrepancy between the two configurations breaks Authentication Manager.

Resolution

Revert the changes that were made from the Linux command line.
Change the Network Settings from the console. For the correct procedure, review Change the Primary Instance IPv4 Network Settings.

Workaround

Get access to the Linux Command line either using SSH or console access.
Switch to root:

sudo su

Run the following command to set the RSA Authentication Manager network settings from the command line:

/opt/rsa/am/utils/bin/appliance/configureNetwork.py\
 --fqdn <appliance_fqdn>\
 --ipv4 eth0 <new_ip> <subnet_mask> <new_gateway>\ 
 --ipv4-default-gateway <new_gateway>\
 --dns-server <new_dns_server_ip> --dns-search <dns_search_domain>

For example:

am84:/home/rsaadmin # /opt/rsa/am/utils/bin/appliance/configureNetwork.py\
>  --fqdn am84.saberlab.com\
>  --ipv4 eth0 192.168.65.150 255.255.255.0 192.168.65.2\
>  --ipv4-default-gateway 192.168.65.2\
>  --dns-server 192.168.65.100 --dns-search saberlab.com
Saving iptables configuration                                                                               done

Restart the RSA Authentication Manager services:

/opt/rsa/am/server/rsaserv restart all

SecurID^® Knowledge Base

Services will not start after changing IP address of RSA Authentication Manager 8.x from command line

Article Number

Applies To

Issue

Cause

Resolution

Workaround

In this article

SecurID® Knowledge Base

Services will not start after changing IP address of RSA Authentication Manager 8.x from command line

Article Number

Applies To

Issue

Cause

Resolution

Workaround

In this article

Related Content

SecurID^® Knowledge Base