Troubleshooting SecurID on PGP Universal

book

Article ID: 157337

calendar_today

Updated On:

Products

Symantec Products

Issue/Introduction

Unable to use RSA SecurID pin to authenticate.

Error creating AceLockRequest com.rsa.ace.techservice.udpserver.AUTHa7: Packet exception:Exception building Lock: no nodesecret

ACEServerDataObject.getData error./etc/ovid/securid (No such file or directory)

Resolution

Troubleshooting SecurID:

1. Create a PGP Universal Server administrator passphrase user on a cluster server to view logs when securID is unsuccessful  

2. Confirm that SecurID is enabled: Systems > Administrators

 

  • Click SecurID Authentication...
  • Confirm SecurID authentication is enabled
  • Confirm that the administrator user is using securID authentication and not passphrase authentication in their user settings

 

3. Confirm connection with RSA servers

In the same location, click the test connection button to confirm a connection with the RSA server

 

4. Gather behavior of different SecurID users and, if on a cluster, the behavior on different clusters

5. Enable PGP Universal Server Debug logs: (http://www.symantec.com/docs/TECH149337)

6. Check Administrator logs and confirm error: Reporting>Logs

Change Log filter to Administration and the Display filter to Verbose

 

7. Have RSA admin reset node secret for the PGP Universal Server

8. Delete and Re-import RSA configuration file sdconf.rec to PGP Universal Server 

9. Open a support ticket with RSA to help assist with a possible RSA SecurID cluster having replication issues

 


Attachments