Symantec Access Management

 View Only
  • 1.  StrongAuth Master Administrator Account Locked

    Posted Mar 27, 2015 04:08 PM

    Hello Friends


    Is there anyway I could unlock the Master Administrator "MASTERADMIN" in CA Strong Authentication Version 8.0.




    2015-03-27 15:56:17,912 EDT : [[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] : INFO  : paf.util.AdminAuthUtil : [N/A] : [N/A] : [N/A] : [Arcot Admin Console] : [Admin Console] : [N/A] : Bypassing the localhost check

    2015-03-27 15:56:17,927 EDT : [[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] : ERROR : paf.basicauth.BasicAuthManager : [MASTERADMIN] : [MASTERADMIN] : [N/A] : [Arcot Admin Console] : [Admin Console] : [70612] : Administrator 'MASTERADMIN (Organization: MASTERADMIN)' account is locked.

    2015-03-27 15:56:17,943 EDT : [[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] : INFO  : framework.utils.TxIdGenerator : [N/A] : [N/A] : [N/A] : [Arcot Admin Console] : [Admin Console] : [N/A] : Transaction ID = 5003

    2015-03-27 15:56:17,958 EDT : [[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] : INFO  : framework.adminmgmt.AdminManagerImpl : [] : [] : [] : [Arcot Admin Console] : [Admin Console] : [N/A] : Principal (logged on) Administrator 'MASTERADMIN (Organization: MASTERADMIN)' details retrieved successfully.

    2015-03-27 15:56:17,958 EDT : [[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] : ERROR : auth.manager.LoginManager : [MASTERADMIN] : [MASTERADMIN] : [] : [Arcot Admin Console] : [Admin Console] : [] : Failed to audit log, Resource name field is empty



    A peer recommended using the "arcot-masteradmin-password-reset-8.0.sql"; however even after executing it; I still am unable to login to Administration Console as the UI returns an Authenticatio Failed and arcotadmin.log states "Account Locked".


    I see that the reset SQL Script updates 2 tables in Oracle DB.


    However is there anywhere else, either locally on Server running Arcot Services OR in DB anyother table / column; the state of MASTERADMIN is stored. Thus that is holding onto the status as locked.






  • 2.  Re: StrongAuth Master Administrator Account Locked
    Best Answer

    Posted Mar 27, 2015 06:26 PM

    For some strange reason I figured out when using SQLClient (Logging in "ARCOTUSER as SYSDBA") the script wasn't updating ARADMINUSER table, column AUTHSTATUS to UPDATE. It was always set to AUTHSTATUS to ACTIVE.










    I then used a SQL Developer Tool (RAZORSQL) to run the Query manually. This updated the AUTHSTATUS to UDPATE.







    After this restarted both the Services i.e. WebLogic Server and CA Strong Authentication Service. Then tried to login. This time it worked and it challenged me to change the password.



    Though my core issue is resolved, Still trying to get my head around why didn't the SQLClient Script did not update the Column?