RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.7 SP1
Platform: Azure VM
After upgrading to Authentication Manager 8.7 SP1 on servers that are hosted on Azure, the primary server loses its IPv4 address on eth0.
The /opt/rsa/am/server/logs/AdminServerWrapper.log shows:
INFO | jvm 1 | main | 2024/09/20 14:01:24 | <Sep 20, 2024 2:01:24,126 PM EDT> <Notice> <Security> <BEA-0090169> <Loading trusted certificates from the jks keystore file /opt/rsa/am/server/security/trust.jks.>
INFO | jvm 1 | main | 2024/09/20 14:01:24 | <Sep 20, 2024 2:01:24,126 PM EDT> <Warning> <JMX> <BEA-149513> <JMX Connector Server stopped at service:jmk::iiop://192.168.0.20:7006/jndi/weblogic.management.mbeanservers.edit.>
INFO | jvm 1 | main | 2024/09/20 14:01:24 | <Sep 20, 2024 2:01:24,126 PM EDT> <Warning> <JMX> <BEA-149513> <JMX Connector Server stopped at service:jmk::iiop://192.168.0.20:7006/jndi/weblogic.management.mbeanservers.domainruntime.>
INFO | jvm 1 | main | 2024/09/20 14:01:24 | <Sep 20, 2024 2:01:24,126 PM EDT> <Warning> <JMX> <BEA-149513> <JMX Connector Server stopped at service:jmk::iiop://192.168.0.20:7006/jndi/weblogic.management.mbeanservers.runtime.>
INFO | jvm 1 | main | 2024/09/20 14:01:24 | <Sep 20, 2024 2:01:24,126 PM EDT> <Critical> <WebLogicServer> <BEA-000362> <Server failed. Reason:
INFO | jvm 1 | main | 2024/09/20 14:01:24 |
INFO | jvm 1 | main | 2024/09/20 14:01:24 | There are 1 nested errors:
INFO | jvm 1 | main | 2024/09/20 14:01:24 |
INFO | jvm 1 | main | 2024/09/20 14:01:24 | java.io.IOException: [Server:002664] Failed to start Admin Channel AdminChannel.
INFO | jvm 1 | main | 2024/09/20 14:01:38 | at weblogic.server.channels.ServerSocketManager.createAndBindServerSockets (ServerSocketManager.java:132)
INFO | jvm 1 | main | 2024/09/20 14:01:38 | at weblogic.server.channel
The boot protocol changes from static to dhcpv4 in the network config file for eth0. The gateway value is changed to "none" in the Operations Console and another DNS record is added in the Operations Console as well.
The expected configuration:
rsaadmin@am87p:/etc/sysconfig/network> more ifcfg-eth0 STARTMODE=auto BOOTPROTO=static IPADDR=192.168.0.20 PREFIXLEN=27 LABEL=
What is seen:
rsaadmin@am87p:/etc/sysconfig/network> more ifcfg-eth0 # Created by cloud-init on instance boot automatically, do not edit. # BOOTPROTO=dhcp4 LLADDR=00:0d:3f:7b:9a:ef STARTMODE=auto
After upgrading from Authentication Manager 8.7 to 8.7 SP1 on Azure, network settings may change automatically following the appliance’s reboot. This occurs because the upgrade process triggers Azure cloud-init to reapply its default network configuration, which overwrites any static IP settings with DHCP. The behavior is a result of how cloud-init manages network interfaces on Azure virtual machines
For example,
- The eth0 interface loses its static IPv4 address after the upgrade to Authentication Manager 8.7 SP1.
- The /etc/sysconfig/network/ifcfg-eth0 file is overwritten, changing the network boot protocol from static to DHCPv4.
- The gateway is set to "none" in the Operations Console, and an additional DNS record may be added.
In the "Resolution" section, it states: "If the upgrade was in process and encountered and issue with the network settings being removed, ..." This can be reworded to "If the upgrade was in process and an issue was encountered with the network settings being removed, ..." ************************
Before upgrading to Authentication Manager 8.7 SP1, disable cloud-init’s network configuration to prevent it from overwriting the static IP on reboot, ensuring netconfig manages the network settings.
Make the following changes on the primary server:
- Take a backup of /etc/cloud/cloud.cfg.
- With a text editor, edit /etc/cloud/cloud.cfg to add the following entries to the END of the file (WARNING: Placing these edits at the beginning of the file will cause the server to lose its network settings):
network:
config: disabled
- When done, save the file ([ESC] then :wq!)
- Reboot the appliance by typing sudo reboot
If the upgrade was in process and an issue was encountered with the network settings being removed, this can be resolved by manually configuring the appliance network settings with the configureNetwork.py script attached to knowledge article 000043629 (Services will not start after changing IP address of RSA Authentication Manager 8.x from command line).
Resolved in Authentication Manager 8.8 patch 3.
Related Articles
The network adapter is blank after deploying RSA Authentication Manager 8.7 SP1, 8.7 SP2 or 8.8 on VMware ESXi Number of Views NTP configuration with chronyd introduced with Authentication Manager 8.7 SP1 Number of Views RSA Authentication Manager 8.7 SP1 upgrade fails due to GRUB issue Number of Views Database reindex required after applying Authentication Manager 8.7 SP1 and Authentication Manager 8.7 SP1 patch 1 due to … Number of Views Authentication Manager 8.5 upgrade to 8.6 fails with error: Unactivated changes are present in the WebLogic Server config.xml Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.9 Release Notes (January 2026) An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA Authentication Manager 8.8 Setup and Configuration Guide
