In SEMS version 3.3.2 MP3, administrators are unable to enable the RSA SecureID Authentication feature by clicking the "Enable" button from within the SEMS web interface.
There are no errors; the screen just flashes and the SecureID Authentication feature remains disabled.
This is a known issue and is currently being reviewed by Symantec engineers.
Note: The workaround to resolve this issue requires SSH access to the Symantec Encryption Management Server (SEMS). If SSH is not currently configured in SEMS, please visit this KB article to set up SSH access, http://www.symantec.com/docs/TECH149673.
1. Login to SEMS via SSH.
2. Change the current working directory with the following commands, cd /etc/ovid.
3. Type, nano prefs.xml to make changes to the "prefs.xml" file.
4. Page down once and locate the RSA SecureID tag.
5. Change the Boolean value from "false" to "true".
6. Press and hold down "Control" (Ctrl) and then press "X" on your keyboard to save the changes.
7. When promtped to save, type "Y" on your keyboard to confirm the changes.
8. Reboot SEMS by typing pgpsysconf --reboot.
9. Once SEMS reboots, log on through the web interface. You should see some writing under the passphrase box that says, "Symantec Encryption Server Passphrase or SecureID Passcode".
10. Sign in with your Symantec Encryption Server Passphrase user first in order to set up your SecureID users.
11. Click on the System tab and then select Administrators.
12. To add your SecureID users, click on Add Administrator... and change the authentication type by clicking the drop down arrow and selecting SecureID.
13. Make sure the login name matches a SecureID user that you have already created within the RSA Security Console.
14. Once you have finished adding your SecureID user(s), log out of SEMS and log back in the web interface as the SecureD user, using your SecureID username and passcode.