AnsweredAssumed Answered

Expired license

Question asked by Dave Dicken on Jun 22, 2018
Latest reply on Jun 25, 2018 by Erica Chalfin

Like • Show 0 Likes0
Comment • 6

This document describes the need to have a license installed before logging out of AM or restarting the appliance:

https://community.rsa.com/docs/DOC-77042

What happens in this scenario if you do log out or restart?

As a routine part of our security review, our security team is evaluating other products &, since our license/support expires shortly, I need to brief them on the implications of what will (or will not) happen if we let our license expire during any potential transition to another product. Does the license actually expire? ...or does this document only apply if you actually uninstall the license?

No one else has this question

Outcomes

6 Replies

Erica Chalfin Jun 22, 2018 10:24 PM
Mark Correct
Correct Answer
Dave Dicken,

I've moved your question to the RSA SecurID Access space where it will be seen by the product's support engineers, other customers and partners. Please bookmark this page and use it when you have product-specific questions.

Alternatively, from the RSA Customer Support page, click on Ask A Question on the blue navigation bar and choose Ask A Product Related Question. From there, scroll to RSA SecurID Access and click Ask A Question. That way your question will appear in the correct space.
* * *
I am glad you looked over our documentation on how to Uninstall a License for Authentication Manager. Please also review knowledge article 000013162 - The customer account identifier in the license does not match that stored in the system message when installing an RSA Authentication Manager license , which provides more detail.

Regards,
Erica
Like • Show 0 Likes0
Actions
Edward Davis Jun 25, 2018 9:41 AM
Mark Correct
Correct Answer
If a license expires while running, it all works until system is restarted. Then it won't authenticate until license issues are resolved.

If a license is removed, and system starts with no license, everything starts up except the authentication ports. However, unlike an expired license, some menus like system settings are inaccessible. Of course, the ability to install a license is not removed.

In other words, in either scenario...you can manage the system somewhat you just cannot authenticate anyone except admins with passwords to the console.
Like • Show 0 Likes0
Actions
- Dave Dicken @ Edward Davis on Jun 25, 2018 10:06 AM
  Mark Correct
  Correct Answer
  Thanks for replying. So is the only real impact in the area of console access & therefore the inability to make any changes? Would there be any impact to users – specifically whether their VPN access would be disrupted?
  
  Thank you,
  Dave
  Like • Show 0 Likes0
  Actions
  - Erica Chalfin @ Dave Dicken on Jun 25, 2018 10:41 AM
    Mark Correct
    Correct Answer
    Dave Dicken,
    
    If a user is already authenticated, their session will not drop during the license upgrade process. Any users trying to authenticate in that small time frame between when you uninstall the license and install the new one will get an authentication failure message. If they wait a minute or two and try again, they should authenticate successfully.
    
    Regards,
    Erica
    Like • Show 0 Likes0
    Actions
    - Dave Dicken @ Erica Chalfin on Jun 25, 2018 3:47 PM
      Mark Correct
      Correct Answer
      Sorry, but just to be clear I need to know since we are within days of our current license expiring….
      
      Will users only get an authentication failure message during the actual uninstall/install of the license? In other words, if our license expires but we are not in the middle of uninstall/install of the license will users still be able to authenticate?
      
      Thank you,
      Dave
      Like • Show 0 Likes0
      Actions
      - Erica Chalfin @ Dave Dicken on Jun 25, 2018 4:48 PM
        Mark Correct
        Correct Answer
        Dave Dicken,
        
        Your users that are authenticated before you swap out the license will remain authenticated. Their sessions will not drop. Any users who attempt to authenticate during the uninstall/install process will see their authentication fail. If you go through the license uninstall/install process (which takes less than five minutes, including you going down the hall for a cup of coffee), it is only for that brief moment where the old license has been removed and the new license is not yet installed that your not-yet-authenticated users will fail authentication. The reason for this is because during that window you are essentially licensed for zero users.
        
        The license information is passed to the Authentication Manager software after a reboot or restart of Authentication Manager services. If the license is expired, the license check fails and the software shuts down port 5500, which in turn means all users authentication attempts will fail until a new trial license or a production license is installed, which reopens port 5500. This is why we tell you not to reboot or restart. We don't want to force you into a situation where the license check fails.
        
        WHen does your trial expire? Have you requested your new license yet?
        
        Regards,
        Erica
        Like • Show 0 Likes0
        Actions

Expired license

Outcomes

Related Content

Recommended Content