RSA Product Set: SecurID
RSA Product/ Service Type: Authentication Manager Web Tier
RSA Version/Condition: 8.x
Functions that utilize an RSA SecurID Web Tier server, such as importing a software token via CT-KIP, are not working, and the Web Tier has a status of either "Offline" or "Offline, reinstall required" in the RSA SecurID Authentication Manager Operations Console (Operations Console > Deployment Configuration > Web-Tier Deployments > Manage Existing.)
The imsTrace.log on the Web Tier server shows the following message(s):
[pool-2-thread-1], (BootstrapperWorker.java:172), trace.com.rsa.tool.webtierbootstrapper.BootstrapperWorker, ERROR, <Web-Tier hostname>,,,,Errors occur when checking Webtier Update Artifacts on Preferred Server.Insufficient privilege to do WebTier Configuration
[pool-2-thread-1], (EJBRemoteTargetBase.java:187), trace.com.rsa.command.EJBRemoteTargetBase, ERROR, <Web-Tier hostname>,,,,Exception during command execution.
com.rsa.command.exception.InsufficientPrivilegeException: Insufficient privilege to do WebTier Configuration
[pool-2-thread-1], (UpdateServerListWorker.java:97), trace.com.rsa.tool.webtierbootstrapper.UpdateServerListWorker, ERROR, <Web-Tier hostname>,,,,Error occur when updating server list
com.rsa.command.exception.InsufficientPrivilegeException: Insufficient privilege to do WebTier Configurationand/or,
Webtier host not found. Exiting checking server list update.This issue can occur when there is a mismatch between the hostname of the Web Tier server and the hostname of the record for it in the Authentication Manager Operations Console (Operations Console > Deployment Configuration > Web-Tier Deployments > Manage Existing).
Depending on which message(s) noted in the Issue section above are included in the Web Tier server's imsTrace.log, do the following:
- If the "Insufficient privilege to do WebTier Configuration" error messages are found in the Web Tier's imsTrace.log file, then:
-
- Correct the hostname mismatch between the Web Tier server and the record for it in Authentication Manager by either updating the hostname on the local Web Tier server or the hostname of the record for the Web Tier server in Authentication Manager (Operations Console > Deployment Configuration > Web-Tier Deployments > Manage Existing).
- Generate a new Web-Tier Deployment Package.
- Uninstall and re-install the Web Tier.
- If only the "Webtier host not found" message is found (and not the "Insufficient privilege to do WebTier Configuration" messages), then do either of the following:
-
- Change the hostname on the local Web Tier server to match the hostname of the record for it in Authentication Manager (Operations Console > Deployment Configuration > Web-Tier Deployments > Manage Existing), then:
-
-
- Restart the Web Tier server.
-
or,
-
- Change the hostname of the record for the Web Tier server in Authentication Manager (Operations Console > Deployment Configuration > Web-Tier Deployments > Manage Existing) to match the hostname of the local Web Tier server, and then:
-
-
- Generate a new Web-Tier Deployment Package.
- Uninstall and re-install the Web Tier.
-
Related Articles
StealthAUDIT hosts have a status of Offline in RSA Identity Governance and Lifecycle Number of Views AFX Server remains in a 'Not running' State, afx status shows 'timed out waiting for AFX applications to start' and esb.AF… Number of Views AFX Server stuck in 'Not running' State, with error 'timed out waiting for AFX applications to start' Number of Views Managing the Web-Tier Service Number of Views Web Tier status offline/Reinstall status changes to pending connection for RSA Authentication Manager 8.4 Number of Views
Trending Articles
RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide How to download and install the AFX Server Archive in RSA Identity Governance & Lifecycle The Template ({Connector Template Name}) has missing file content error when creating AFX Connectors in RSA Identity Gover… Downloading RSA Authentication Manager license files or RSA Software token seed records Troubleshooting RSA MFA Agent for Microsoft Windows
