RSA Authentication Manager 6.1.2 Database Dump Program Fails in a UNIX Environment
Originally Published: 2015-09-28
Article Number
Applies To
| RSA Product Set | SecurID |
| RSA Product/Service Type | RSA Authentication Manager |
| RSA Version/Condition | 6.1.2 or later |
| Platform | UNIX |
| Product Description | Authentication Manager |
Issue
The database dump program (sddump) is failing to locate a file called sdcfgval and does not generate a database dump file.
Cause
Resolution
Example; taken from an installed authentication manager 6.1.2 primary instance on Red Hat 3 Update 8 Enterprise Linux
[root@redhat3u8P utils]# ./admenv
---------------------------------------------------------------------
The following environment variables must be set in order to use the
administration toolkit. They must be set for each individual toolkit
user or set globally for all users.
---------------------------------------------------------------------
USR_ACE=/opt/ace/prog
VAR_ACE=/opt/ace/data
DLC=/opt/ace/rdbms
PROPATH=/opt/ace/prog/proapi/adbapi.pl:/opt/ace/prog/proapi/sdproapi.pl:/opt/ace/prog/protrig:/opt/ace/prog
LD_LIBRARY_PATH=/opt/ace/prog
[root@redhat3u8P utils]#
NOTE: The authentication manager 6.1.2 default installation folder on a once supported UNIX platform was /opt/ace and ACEUTILS refers to the default /opt/ace/utils folder location.
Steps to create the shell script to dump the server database
| 1. | Navigate to the ACEUTILS folder either using either the file ownership account for authentication manager (i.e. aceadmin) or the root account. To start creating the shell script enter the command : ./admenv > /tmp/serverdump.sh |
| 2. | Edit /tmp/serverdump.sh and remove the top seven lines so it leaves the following lines:
USR_ACE=/var/ace/progVAR_ACE=/var/ace/data
DLC=/var/ace/rdbms
PROPATH=/var/ace/prog/proapi/adbapi.pl:/var/ace/prog/proapi/sdproapi.pl:/var/ace/prog/protrig:/var/ace/prog
LD_LIBRARY_PATH=/var/ace/prog
Add these two lines to the end of the shell script:
export USR_ACE VAR_ACE DLC PROPATH LD_LIBRARY_PATH
$USR_ACE/sddump –s
NOTE: use the -l parameter with the sddump program to dump the log databaseSet the permissions of the shell script using a chmod command: chmod 755 /tmp/serverdump.sh |
| 3. | Determine who started the authentication manager 6.1.2 instance with the command : ps –ef | grep ace Example: [root@redhat3u8R /]# ps -ef | grep aceroot 1360 1 0 09:40 pts/0 00:00:00 /opt/ace/prog/_mprosrv /opt/ace/data/sdserv -N TCP -S sdserv -pf /opt/ace/prog/sdserv.pf
root 1363 1 0 09:40 pts/0 00:00:00 /opt/ace/rdbms/bin/_mprshut /opt/ace/data/sdserv -C apw
root 1366 1 0 09:40 pts/0 00:00:00 /opt/ace/rdbms/bin/_mprshut /opt/ace/data/sdserv -C biw
root 1368 1 0 09:40 pts/0 00:00:00 /opt/ace/prog/_mprosrv /opt/ace/data/sdlog -N TCP -S sdlog -pf /opt/ace/prog/sdlog.pf
root 1371 1 0 09:40 pts/0 00:00:00 /opt/ace/rdbms/bin/_mprshut /opt/ace/data/sdlog -C apw
root 1374 1 0 09:40 pts/0 00:00:00 /opt/ace/rdbms/bin/_mprshut /opt/ace/data/sdlog -C biw
root 1383 1 0 09:40 pts/0 00:00:00 /opt/ace/prog/sdoad
root 1673 1 0 09:40 ? 00:00:00 acesyncd -ReplicaID 1
root 1699 1 0 09:40 ? 00:00:00 /opt/ace/prog/_aceserver_fe
root 1701 1 0 09:40 ? 00:00:00 _aceserver_be
root 1703 1 0 09:40 ? 00:00:00 _aceserver_be
root 1734 1239 0 09:41 pts/0 00:00:00 grep ace
[root@redhat3u8R /]#
NOTE: in the above example the first column is showing that root owns the authentication manager processes. |
| 4. | Stop the authentication manager services using the account that was used to start the authentication manager services In my example, root was used to start the authentication manager services so root can stop the authentication manager services.. <AMHOME>/prog/aceserver stop
<AMHOME>/prog/sdconnect shutdown
<AMHOME>/prog/sdconnect clean
..where <AMHOME> is the folder where the authentication manager software was installed (by default this location is /opt/ace) |
| 5. | Navigate to the <AMHOME> folder and run the shell script to dump the server database with the command : /tmp/serverdump.sh A server database dump file called sdserv.dmp is created in the current folder <AMHOME>. NOTE: the database dump is encrypted with a security block that was created during the authentication manager installation and is present in the license record (license.rec). To decrypt the database dump file, perhaps for migration purposes, a copy of the license record is required. |
| 6. | Start the authentication manager services using either the file ownership account or root
<AMHOME>/prog/sdconnect/start
<AMHOME>/prog/aceserver start
|
Notes
Contacting RSA Customer Support
| Telephone | For urgent issues use on of the telephone numbers listed at URL http://www.emc.com/support/rsa/contact/phone-numbers.htm |
| For non-urgent issues email support@rsa.com | |
| Case Management | Case Management is found at URL https://knowledge.rsasecurity.com/scolcms/mysupport.aspx (requires access to RSA SecurCare Online) |
Related Articles
Unexpected error during command com.rsa.authmgr.admin.tokenmgt.UnlinkTokensFromPrincipalsCommand execution when unassignin… Number of Views Safe Upgrade Checklist for RSA ACE/Server and RSA Authentication Manager on UNIX platforms Number of Views RSA Authentication Manager 8.2 reports 'Unexpected error during command com.rsa.admin.GetPrincipalNestedGroupsCommand exec… Number of Views RSA Authentication Agent 7.1 for PAM for AIX acetest program fails to authenticate a username Number of Views How to recover the Application and AFX after an unexpected database failure in RSA Identity Governance & Lifecycle Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.9 Release Notes (January 2026) An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
