search cancel

Symantec Identity Manager - How to change RSA endpoint URL

book

Article ID: 252888

calendar_today

Updated On:

Products

CA Identity Suite CA Identity Manager

Issue/Introduction

The URL used to acquire the RSA endpoint has changed and we need to adjust it to point to the new IP but when trying to open the properties within Provisioning Manager we get a connection error. It then does not allow the settings to be changed.

Environment

Release : 14.4

Resolution

Navigate to IMPD via jxplorer
Hostname:20391
UserDN: eTDSAContainerName=DSAs,eTNamespaceName=CommonObjects,dc=etadb
PW: SharedSecretPW

Navigate to etadb > im >RSASecurID 7 > MyRSAEndpoint

Update the URL to point to the correct URL

Clear Attributes: 
eTDYNPassword
eTDYN-str-multi-ca-04

Run:
etautil -u USER -p PWD -dyn update 'eTNamespaceName=MyEndpointType' eTDYNDirectory eTDYNDirectoryName='MyEndpoint' eTDYNPassword='MyEndpointPwd' eTDYN-str-multi-ca-04='cmdclientPW'

Example:
etautil -u etaadmin -p etaadminPW -dyn update 'eTNamespaceName=RSA SecurID 7' eTDYNDirectory eTDYNDirectoryName='MyRSAEndpoint' eTDYNPassword='RSAPassword' eTDYN-str-multi-ca-04='cmdclientPW'

Navigate back into Jxplorer and confirm eTDYNPassword and eTDYN-str-multi-ca-04 attributes are updated appropriately.

Navigate to Provisioning Manager > Endpoint > Properties and confirm connectivity.

Additional Information

If you do not update the eTDYNPassword and eTDYN-str-multi-ca-04 then you will encounter the error: 

DYN Endpoint MyEndpoint read failed: Error decrypting attribute eTDYNPassword: Attribute eTDYNConnectionURL has been modified since this attribute was encrypted. Please reset the encrypted attribute.
DYN Endpoint MyEndpoint read failed: Error decrypting attribute eTDYN-str-multi-ca-04: Attribute eTDYNConnectionURL has been modified since this attribute was encrypted. Please reset the encrypted attribute.

Make sure that you update these attributes at the same time as shown in the example etautil above.

Additional Kb to reference:
ETA_E_0019 Error decrypting attribute eTDYNPassword