Manualshelf

Troubleshooting guide

ManualsBrandsRSA Security ManualsServer6.1
31323334353637383940
1: Important RSA Authentication Manager 8.1 Changes 33
RSA Authentication Manager 6.1 to 8.1 Migration Guide
Group Administrators
In version 8.1, it is no longer possible to scope an administrator to a group.
Administrators are scoped to security domains only. To ensure that no administrators
are migrated with a higher level scope than they had in version 6.1, the group
administrator role is migrated, but not assigned to any version 6.1 group
administrators.
For example, group administrators in version 6.1 can only view and change users in
their scoped groups. When these administrators are migrated, if they were assigned a
group administrator role, their privileges could only be scoped to a security domain,
which could contain other users or groups over which the administrator did not
previously have any privileges. Rather than expand the privileges of these
administrators, the migration process restricts their privileges.
After migration, former group administrators have no administrative power. You must
assign administrative roles to these former group administrators, and scope them to
particular security domains.
Custom Administration Applications
You can no longer use any administrative utilities created using the version 6.1 API
(application programming interface) because the RSA Authentication Manager 8.1
software has been completely rewritten in Java. The version 6.1 Administrative API
includes C and TCL functions that allow you to develop administration applications
and TCL scripts. The version 8.1 API includes C#, Java, and Jython only. You must
rewrite custom administrative applications using the Java toolkit.
Authentication Manager Real-Time Activity Monitors
Activity Monitors allow you to view, in real time, log messages from activities that
occur in Authentication Manager. Each activity monitor displays a different type of
information:
Authentication Activity Monitor. Indicates who is authenticating or where the
authentication request is coming from.
System Activity Monitor. Displays the time of an activity, a description of the
activity, and whether the activity succeeded.
Administration Activity Monitor. Displays changes to the Authentication
Manager deployment, such as when users are added or deleted, or when tokens are
assigned.
You can no longer leave an Activity Monitor running indefinitely. In version 8.1,
Activity Monitors automatically time out after a configurable amount of time.
You can configure the messages that display in the Activity Monitors. For example,
you can configure the Administration Activity Monitor to view the activity of a
specific administrator, User ID, authentication agent, or security domain.