How to factory reset an RSA Authentication Manager 8.x hardware appliance without a factory reset button from the Operations Console
2 months ago
Originally Published: 2016-10-27
Article Number
000065598
Applies To

RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x

Issue

There can be several reasons why a factory reset of the Authentication Manager server may be required.  For example,

  • Suspicion that the Authentication Manager 8.x appliance has a corrupt disk drive because it is behaving inconsistently or with errors that indicate hardware problems.
  • Some other requirement to revert back to the base install of Authentication Manager 8.x, but there is no factory reset option in Authentication Manager 8.x.
Tasks

Steps to follow include:

  1. Downloading the Authentication Manager 8.x hardware appliance .iso file from my.rsa.com.
  2. Burning the .iso to DVD.
  3. Booting the appliance to this DVD and install Authentication Manager.
  4. Configuring the initial setup including the fully qualified domain name and IP address of the appliance.
  5. Running Quick Setup on the appliance to configure it as either a primary or a replica.
Resolution

You will need the .iso for RSA Authentication Manager 8.x hardware appliance .iso (rsa-am-hardware-appliance-8.x.0.0.0.iso) to factory reset back to the initial install of Authentication Manager 8.x.

Refer to the relevant article on how to remotely install the original system image on a Dell hardware appliance.  Alternatively, access the Downloads page on the RSA Community and search for the relevant .iso file. For more information on how to obtain the .iso, please see the article on how to download RSA Authentication Manager 8.x full kits and service packs from the RSA Community. Once you have the correct .iso, follow the steps below:

  1. Burn this .iso to a DVD.  Do not simply copy the .iso.
  2. Insert the DVD into the appliance's CD/DVD drive.
  3. Reboot the appliance, using one of these methods:
  • From the Operations Console select Maintenance > Reboot Appliance.
  • Launch an SSH session or connect directly to the appliance.
  1. Login with the rsaadmin operating system account.

Note that during Quick Setup another user name may have been selected. Use that user name to login.

  1. Navigate to /opt/rsa/am/server and run the following command to stop the Authentication Manager services:
./rsaserv stop all
  1. Next, sudo to root, using the operating system account password used in step a, above.                          
sudo su -
  1. Reboot the system:
reboot
If you successfully boot the DVD, you should see the following choices displayed:
1.  Boot hard drive 
2.  Install RSA Authentication Manager 
3.  Install RSA Authentication Manager Safe Mode
  1. From the menu, choose 2.  Install RSA Authentication Manager
  2.  On some systems after the Linux Kernel Loads it can take up to 30 minutes to see the following prompt:
"Install complete checking data."
  1.  The following prompts will display.  Complete them as follows:
Keep settings? Y to keep, N to change
Agree to License <space bar> for Yes
FQDN: <enter the fully qualified domain name for the server>
IP: <enter the IP address for this server>
Subnet mask: <enter the value of the netmask>
Gateway: <enter the value of the default IP routing gateway IP>
DNS and alt: <enter relevant DNS servers>
Are these correct: <Y if settings are correct, N to redo them>
  1. Note and copy the setup code which displays on the screen, as you will need this to complete the Quick Setup process.
  2. The final prompt is Do you want to shutdown?
  • Enter Yes if, for example, the appliance is to be shipped somewhere and will be offline. 
  • Enter No if you are completing Quick Setup now.
  1. You should be able to run Quick Setup now using the FQDN entered above in the format of https://<fully_qualified_domain_name_of_server>.
Notes

Troubleshooting

If the RSA DVD does not boot, either:

  • The disk is bad,
  • The SATA optical DVD drive is bad, or
  • The SATA optical DVD drive is not first in the boot sequence (which should be the default for RSA Authentication Manager appliances).


1.  Verify the DVD disk

  1. Try booting the disk into another computer to verify that it is readable.  Cancel when you see the RSA install screen.  If the DVD not bootable, try burning again at a slower rate.
  2. Try booting a known good bootable CD or DVD in the RSA Appliance drive, to see if that boot screen appears.  Cancel when you see any install screen or else you will incur ridicule and shame.

2.  Verify the DVD/CD optical drive on the appliance

  1. Reboot the appliance with a monitor and keyboard physically attached so you can interrupt the boot sequence (typically with either the [F2] or [F11] key) and access the BIOS.
  2. Edit the BIOS boot sequence and move the internal SATA DVD/CD optical drive to the #1 boot sequence device.  If it is already there, the drive may be bad.  If it is not there, reboot and try again.
Bios Boot Sequence
  1. If the internal DVD/CD optical drive is suspected to be bad, you can RMA the appliance.  If you are in a hurry, try connecting a USB external DVD reader, make USB the #1 device in boot sequence in BIOS and try again.

Related Articles

Trending Articles

Don't see what you're looking for?