RSA Authentication Manager stuck at startup after configuring Embedded IDR
2 years ago
Article Number
000072334
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: RSA Authentication Manager 
RSA Version/Condition: 8.7 SP2, 8.7 SP2 P1
Issue
RSA Authentication Manager is installed with full kit of 8.7 SP2 and / upgraded to 8.7 SP2 P1. When an embedded Identity router is configured, and the Authentication Manager server is rebooted, the server is struck at startup. 

User-added image
Cause
Default docker.service file of suse changes the service dependency, that resulted in service re-order issue.
Resolution
  1. Reboot the system.
  2. Have console and keyboard access on boot.
  3. On boot, observe the system startup and look for a short GRUB message. 
  4. Right after the GRUB message you now see a blank screen with two lines. 
  5. Press the E key. You will be presented with an editor and the content of the selected boot entry.
  6. A text box will open, allowing you to edit the startup lines.
  7. Navigate down to the line that starts with linux and at the end of that line that already contains text, add systemd.mask=validate-interfaces.service to the end of the line, as shown:
      User-added image
  1. Boot the system by pressing F10.
  2. Once the server is booted. Apply the "Preventive Action" as mentioned in the Workaround section below - This is important to avoid re-occurrence of the problem. 
Workaround

After RSA Authentication Manager is installed with full kit of 8.7 SP2 and / upgraded to 8.7 SP2 P1. When an Embedded IDR is installed. Following steps needs to be performed as a "Preventive Action" , before rebooting the server. 

Note: This "Preventive Action" needs to be applied before rebooting the server.

  1. Launch the SSH client and connect to the RSA appliance using the IP address or fully qualified hostname.

  2. When prompted, type the operating system User ID, rsaadmin, and press ENTER.

  3. When prompted, type the password for the rsaadmin operating system account, and press ENTER.

  4. Change to the root user by running the command sudo su - root and providing the rsaadmin password.. 
login as: rsaadmin
Using keyboard-interactive authentication.
Password: <enter OS user password>
Last login: Thu May 23 21:46:18 2024 from 192.168.26.100
RSA Authentication Manager Installation Directory: /opt/rsa/am
rsaadmin@am87-2:~> sudo su -
[sudo] password for rsaadmin: <enter OS user password>
am87-2:~ #
       5. Run the below command. 
sed -i 's/After=network.target lvm2-monitor.service firewalld.service/Wants=iptables.service timesync.service wicked.service\nBefore=rsaservmgr.service snmpd.service systemd-logind.service\nAfter=network.target lvm2-monitor.service firewalld.service memorycontrol.service/g' /usr/lib/systemd/system/docker.service
  1. Run the below command.
systemctl daemon-reload
  1. Reboot the Appliance from the operation console.
Notes
This is a known issue - RSA Authentication Manager 8.7 SP2 Known Issues being tracked under, Tracking Number: AM-53077   This issue is fixed with 8.7 SP2 P2. GA : End of May 2024 



 

Related Articles

Trending Articles

Don't see what you're looking for?