How to recover the user id or password of a read only database user from RSA Authentication Manager 8.x
Originally Published: 2019-03-08
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue
- How to recover userid or password of a read-only database user from RSA Authentication Manager 8.x when it is unknown or lost.
- Customer has created a user for read-only access of RSA Authentication Manager database earlier but userid is now unavailable.
- Customer does not remember the password of the read-only database user which was created earlier.
Resolution
Steps:
- Enable Secure Shell on the Appliance following Enable Secure shell on the RSA Authentication Manager appliance.
- Logon to the primary Authentication Manager 8.x server via SSH as the rsaadmin user.
Note that during Quick Setup another username may have been selected. Use that username to login. - Navigate to /opt/rsa/am/utils.
- Run the command: ./rsautil manage-secrets -a listall to list parameters
- When prompted, enter the Operations Console administrator's name and password to list the available read-only database users
login as: rsaadmin Using keyboard-interactive authentication. Password: <enter operating system password> Last login: Mon Jan 9 13:07:55 2017 from jumphost.vcloud.local RSA Authentication Manager Installation Directory: /opt/rsa/am rsaadmin@am8xp:~> cd /opt/rsa/am/utils rsaadmin@am8xp:/opt/rsa/am/utils> ./rsautil manage-secrets -a listall Please enter OC Administrator username: <enter Operations Console administrator name> Please enter OC Administrator password: <enter Operations Console administrator password>
- The output after running the above command successfully prints several values list to the screen.
- Refer to the documented keys listed below for read-only database user information such as user ID, passwords and other properties that are set when the read-only database user is created.
Note: the passwords for the readonly.dbusers.x will be displayed in plain text.
Secrets stored in ./etc/systemfields.properties. com.rsa.am.readonly.dbusers ...........................: readonly.dbusers.1,readonly.dbusers.2 readonly.dbusers.1 ....................................: rdbuser readonly.dbusers.1.password ...........................: support1! readonly.dbusers.1.props ..............................: 192.168.2.175|255.255.255.0 readonly.dbusers.2 ....................................: rouser readonly.dbusers.2.password ...........................: Passwd01... readonly.dbusers.2.props ..............................: 192.168.2.102|255.255.255.255
Related Articles
How to recover failed RSA Authentication Manager 8.x virtual appliance when the filesystem is stuck in read-only mode Number of Views How to reset the RSA Authentication Manager 8.x system fingerprint Number of Views Read-only file system message for RSA Identity Governance & Lifecycle Number of Views How to recover the Application and AFX after an unexpected database failure in RSA Identity Governance & Lifecycle Number of Views How to differentiate same system vs different system backup/restore on RSA Authentication Manager 8.x Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Release Notes for RSA Authentication Manager 8.8 RSA-2026-04: RSA Governance and Lifecycle Security Update for SUSE Linux Enterprise Server Vulnerabilities RSA Governance & Lifecycle 7.5.2 Administrator's Guide
Don't see what you're looking for?
