This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.

Using the RSA Authentication Manager Migration Assessment Utility to upgrade from RSA Authentication Manager 6.1 to 8.1

Article Number

000029524

Applies To

RSA Product Set:  SecurID
RSA Product/Service Type:  Authentication Manager
RSA Version/Condition:  6.1, 8.1 
 

Issue

This article provides information on completing a successful migrating from RSA Authentication Manager 6.1 production data to RSA Authentication Manager 8.1 using the Migration Assessment Utility.

Resolution

RSA Authentication Manager 8.1 software comes in three form factors:
  • As a virtual appliance running on VMware (Authentication Manager 8.0 and higher),
  • As a virtual appliance running on Microsoft Hyper-V (Authentication Manager 8.1 SP1 and higher), or
  • As a hardware appliance.
Each option is bundled with the SUSE Enterprise Linux operating system.

NOTE:  As a prerequisite of migrating to Authentication Manager 8.1, the Authentication Manager 6.1 servers must be at Authentication Manager 6.1.2 in order to create a server and/or log database dump file that will be used to perform the migration to Authentication Manager 8.1 or Authentication Manager 8.1 SP1.  If your Authentication Manager servers are below 6.1.2, please contact RSA technical support.

To download RSA Authentication Manager 8.1, the migration assessment utility and documentation

  1. Download the utility and documentation required to complete the process.
    1. If you have not yet downloaded Authentication Manager 8.1, review the steps oHow to download RSA Authentication Manager 8.x full kits and service packs from RSA Link.  Be sure to download the RSA Auth Manager 8.1 – Extra file (rsa-am-extras-8.1.0.0.0.zip).
    2. Download the RSA Authentication Manager 6.1 to 8.1 Migration Assessment Utility and readme.  
    3. Download the Authentication Manager 8.1 documentation.
    4. Review the RSA Authentication Manager 6.1 to 8.0 Migration Preparation Guide.  


To run the utility on a Windows server

  1. Unzip the am_migration_assessment_utility_<datestamp>.zip into a working directory.  ​
  2. As a local administrator, create a directory named migration in the $RSA_HOME\utils directory.  By default, this would be C:\Program Files\RSA Authentication Manager\utils on an Authentication Manager 6.1 server or C:\authmgr\utils on an RSA SecurID Appliance 2.0.2 box.
  3. Copy the 6.1_migration_assessment.tcl file to either C:\Program Files\RSA Authentication Manager\utils \tcl\bin\ or C:\authmgr\utils\tcl\bin\.
  4. Open a command prompt and navigate to either C:\Program Files\RSA Authentication Manager\utils or C:\authmgr\utils.  
  5. Enter the following command:

..\tcl-sd.exe 6.1_migration_assessment.tcl
As an example:
Image descriptionImage description
  1. Open the file generated called 6.1_migration_assessment_mmddyyhhmm.html in a web browser to review the results.  An example of the output is below:
Image descriptionImage description

To run the utility on a UNIX server

  1. Unzip the am_migration_assessment_utility_datestamp.zip into a working directory.
  2. As a root user create a working folder in /tmp called migration.
  3. Create a new shell script called migration_report.sh in /tmp/migration. 
  4. Edit the migration_report.sh using an editor such as vi.  
  5. Copy the text shown below into the script and save it. 

. /etc/sdace.txt
ACE=`dirname $USR_ACE`
DLC=$ACE/rdbms/
UTILS=$ACE/utils/
PROMSGS=$DLC/promsgs
PATH=$USR_ACE:$DLC/bin:$ACE/utils:$ACE/utils/oldutil:$PATH
PROPATH=$USR_ACE/proapi/adbapi.pl:$USR_ACE/protrig:$USR_ACE/proapi:$USR_ACE
LD_LIBRARY_PATH=$USR_ACE
export USR_ACE VAR_ACE DLC PROMSGS PATH PROPATH  LD_LIBRARY_PATH
cat $USR_ACE/version.txt
echo "ACE/Server administration command environment configured.\n\n"
$UTILS/tcl/bin/tcl-sd $UTILS/tcl/bin/6.1_migration_assessment.tcl
  1. Change the permissions on the migration_report.sh, using the chmod command, as in the example below:

chmod 755 /tmp/migration/migration_report.sh
  1. Copy the 6.1_migration_assessment.tcl file into $RSA_HOME/utils/tcl/bin.  By default the path will be /opt/rsa/ace/utils.
  2. Execute the migration_report.sh from /tmp/migration using the command below: 

./migration_report.sh
  1. Expected output (taken from a Red Hat 4.8 with Authentication Manager 6.1.2 installed) when running migration_report.sh is as follows:

[root@rh4u8-primary migration]# ./migration_report.sh
RSA Authentication Manager 6.1.2.219 Mon Jun 21 11:11:42 EDT 2010

ACE/Server administration command environment configured.\n\n
Connected User: root on Host: rh4u8-primary.bellnet.local
Info: expired_tokens_1008131026.csv generated successfully.
Info: disabled_tokens_1008131026.csv generated successfully.
Info: expired_temp_users_1008131026.csv generated successfully.
Info: logins_without_token_1008131026.csv generated successfully.
Info: direct_assigned_users_1008131026.csv generated successfully.
Info: groups_on_unrestricted_agent_1008131026.csv generated successfully.
Info: direct_assigned_tasks_1008131026.csv generated successfully.
Info: admins_with_tasklist_1008131026.csv generated successfully.
Info: user_group_alias_1008131026.csv generated successfully.
Info: user_agent_alias_1008131026.csv generated successfully.
Info: agent_ext_unsup_chars_1008131026.csv generated successfully.
Info: group_ext_unsup_chars_1008131026.csv generated successfully.
Info: realm_ext_unsup_chars_1008131026.csv generated successfully.
Info: site_ext_unsup_chars_1008131026.csv generated successfully.
Info: system_ext_unsup_chars_1008131026.csv generated successfully.
Info: token_ext_unsup_chars_1008131026.csv generated successfully.
Info: user_ext_unsup_chars_1008131026.csv generated successfully.
Info: user_unsup_chars_1008131026.csv generated successfully.
Info: site_unsup_chars_1008131026.csv generated successfully.
Info: user_agent_alias_unsup_chars_1008131026.csv generated successfully.
Info: user_group_alias_unsup_chars_1008131026.csv generated successfully.
Info: group_membership_1008131026.csv generated successfully.
Info: CustUserExtension Unique Key count generated successfully.
Info: CustTokenExtension Unique Key count generated successfully.
Info: CustGroupExtension Unique Key count generated successfully.
Info: CustClientExtension Unique Key count generated successfully.
Info: CustSiteExtension Unique Key count generated successfully.
Info: CustRealmExtension Unique Key count generated successfully.
Info: CustLogExtension Unique Key count generated successfully.
Info: agent_ext_unique_keys_1008131026.csv generated successfully.
Info: group_ext_unique_keys_1008131026.csv generated successfully.
Info: realm_ext_unique_keys_1008131026.csv generated successfully.
Info: site_ext_unique_keys_1008131026.csv generated successfully.
Info: system_ext_unique_keys_1008131026.csv generated successfully.
Info: token_ext_unique_keys_1008131026.csv generated successfully.
Info: user_ext_unique_keys_1008131026.csv generated successfully.
Info: User Count generated successfully.
Info: User Count (with unsupported characters)v generated successfully.
Info: User Alias via Agent (with unsupported characters) generated successfully.
Info: User Alias via Group (with unsupported characters) generated successfully.
Info: Administrator Count generated successfully.
Info: Expired Temporary User Count generated successfully.
Info: Token Count generated successfully.
Info: Hardware Token Count generated successfully.
Info: Software Token Count generated successfully.
Info: Expired Token Count generated successfully.
Info: Disabled Token Count generated successfully.
Info: Agent Count generated successfully.
Info: Unrestricted Agent Host with Group Enabled Count generated successfully.
Info: Agent Extension Unique Key Count generated successfully.
Info: Agent Extension Data Count (with unsupported characters) generated successfully.
Info: Group Extension Unique Key Count generated successfully.
Info: Group Extension Data Count (with unsupported characters) generated successfully.
Info: Realm Extension Unique Key Count generated successfully.
Info: Realm Extension Data Count (with unsupported characters) generated successfully.
Info: Site Extension Unique Key Count generated successfully.
Info: Site Extension Data Count (with unsupported characters) generated successfully.
Info: System Extension Unique Key Count generated successfully.
Info: System Extension Data Count (with unsupported characters) generated successfully.
Info: Token Extension Unique Key Count generated successfully.
Info: Token Extension Data Count (with unsupported characters) generated successfully.
Info: User Extension Unique Key Count generated successfully.
Info: User Extension Data Count (with unsupported characters) generated successfully.
Info: Site Count (with unsupported characters) generated successfully.
Info: Replica Count generated successfully.
Info: External Identity Source Count generated successfully.
Info: RADIUS Server Count generated successfully.
Info: Cross-realm Count generated successfully.
>>> Assessment summary has been capture in 6.1_migration_assessment_1008131026.html file.
>>> All log entries have been captured in 6.1_migration_assessment_1008131026.log file.
[root@rh4u8-primary utils]#
  1. In an X Windows graphical user interface (such as Gnome), open the 6.1_migration_assessment_mmddyyhhmm.html file in a web browser or copy the file from UNIX platform to a Windows platform to open it in a web browser.

Notes

The Migration Assessment Utility must be used on the primary Authentication Manager server where the Authentication Manager services are running.  If services are not running, the following error will occur:
  

Sd_ApiInit Error Failed to Connect to serv DB C:\Program Files\RSA Security\RSA Authentication Manager\data\sdserv
    while executing
"Sd_ApiInit "" "" 1"
    invoked from within
"puts [Sd_ApiInit "" "" 1]..."
    (file "6.1_migration_assessment.tcl" line 32)

If any problems arise when using the Authentication Manager 6.1 Migration Assessment Utility, please contact your local RSA Customer Support center.  Please be sure to have your Authentication Manager license information ready to open a new support request.  License information is available through the Security Console under Setup > Licenses.
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2021-04-23 06:53 AM
Updated by:
Administrator Administrator

Related Content

© 2023 RSA Security LLC or its affiliates. All rights reserved.