Symantec Access Management

Expand all | Collapse all

StrongAuth Master Administrator Account Locked

Jump to Best Answer
  • 1.  StrongAuth Master Administrator Account Locked

    Posted 03-27-2015 04:08 PM

    Hello Friends

     

    Is there anyway I could unlock the Master Administrator "MASTERADMIN" in CA Strong Authentication Version 8.0.

     

     

    ARCOTADMIN.log

    2015-03-27 15:56:17,912 EDT : [[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] : INFO  : paf.util.AdminAuthUtil : [N/A] : [N/A] : [N/A] : [Arcot Admin Console] : [Admin Console] : [N/A] : Bypassing the localhost check

    2015-03-27 15:56:17,927 EDT : [[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] : ERROR : paf.basicauth.BasicAuthManager : [MASTERADMIN] : [MASTERADMIN] : [N/A] : [Arcot Admin Console] : [Admin Console] : [70612] : Administrator 'MASTERADMIN (Organization: MASTERADMIN)' account is locked.

    2015-03-27 15:56:17,943 EDT : [[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] : INFO  : framework.utils.TxIdGenerator : [N/A] : [N/A] : [N/A] : [Arcot Admin Console] : [Admin Console] : [N/A] : Transaction ID = 5003

    2015-03-27 15:56:17,958 EDT : [[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] : INFO  : framework.adminmgmt.AdminManagerImpl : [] : [] : [] : [Arcot Admin Console] : [Admin Console] : [N/A] : Principal (logged on) Administrator 'MASTERADMIN (Organization: MASTERADMIN)' details retrieved successfully.

    2015-03-27 15:56:17,958 EDT : [[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] : ERROR : auth.manager.LoginManager : [MASTERADMIN] : [MASTERADMIN] : [] : [Arcot Admin Console] : [Admin Console] : [] : Failed to audit log, Resource name field is empty

     

     

    A peer recommended using the "arcot-masteradmin-password-reset-8.0.sql"; however even after executing it; I still am unable to login to Administration Console as the UI returns an Authenticatio Failed and arcotadmin.log states "Account Locked".

     

    I see that the reset SQL Script updates 2 tables in Oracle DB.

     

    However is there anywhere else, either locally on Server running Arcot Services OR in DB anyother table / column; the state of MASTERADMIN is stored. Thus that is holding onto the status as locked.

     

     

    Regards

     

    Hubert



  • 2.  Re: StrongAuth Master Administrator Account Locked
    Best Answer

    Posted 03-27-2015 06:26 PM

    For some strange reason I figured out when using SQLClient (Logging in "ARCOTUSER as SYSDBA") the script wasn't updating ARADMINUSER table, column AUTHSTATUS to UPDATE. It was always set to AUTHSTATUS to ACTIVE.

     

    UPDATE ARADMINUSER

    SET AUTHSTATUS = 'UPDATE'

    WHERE ADMINID = 'MASTERADMIN' AND

    ORGNAME = 'MASTERADMIN';

     

    Capture.JPG

     

     

    I then used a SQL Developer Tool (RAZORSQL) to run the Query manually. This updated the AUTHSTATUS to UDPATE.

     

    Capture.JPG

     

    Capture.JPG

     

     

    After this restarted both the Services i.e. WebLogic Server and CA Strong Authentication Service. Then tried to login. This time it worked and it challenged me to change the password.

     

     

    Though my core issue is resolved, Still trying to get my head around why didn't the SQLClient Script did not update the Column?

     

     

     

    Regards

     

    Hubert