Symantec Access Management

Hello Friends

Is there anyway I could unlock the Master Administrator "MASTERADMIN" in CA Strong Authentication Version 8.0.

ARCOTADMIN.log

2015-03-27 15:56:17,912 EDT : [[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] : INFO  : paf.util.AdminAuthUtil : [N/A] : [N/A] : [N/A] : [Arcot Admin Console] : [Admin Console] : [N/A] : Bypassing the localhost check

2015-03-27 15:56:17,927 EDT : [[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] : ERROR : paf.basicauth.BasicAuthManager : [MASTERADMIN] : [MASTERADMIN] : [N/A] : [Arcot Admin Console] : [Admin Console] : [70612] : Administrator 'MASTERADMIN (Organization: MASTERADMIN)' account is locked.

2015-03-27 15:56:17,943 EDT : [[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] : INFO  : framework.utils.TxIdGenerator : [N/A] : [N/A] : [N/A] : [Arcot Admin Console] : [Admin Console] : [N/A] : Transaction ID = 5003

2015-03-27 15:56:17,958 EDT : [[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] : INFO  : framework.adminmgmt.AdminManagerImpl : [] : [] : [] : [Arcot Admin Console] : [Admin Console] : [N/A] : Principal (logged on) Administrator 'MASTERADMIN (Organization: MASTERADMIN)' details retrieved successfully.

2015-03-27 15:56:17,958 EDT : [[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] : ERROR : auth.manager.LoginManager : [MASTERADMIN] : [MASTERADMIN] : [] : [Arcot Admin Console] : [Admin Console] : [] : Failed to audit log, Resource name field is empty

A peer recommended using the "arcot-masteradmin-password-reset-8.0.sql"; however even after executing it; I still am unable to login to Administration Console as the UI returns an Authenticatio Failed and arcotadmin.log states "Account Locked".

I see that the reset SQL Script updates 2 tables in Oracle DB.

However is there anywhere else, either locally on Server running Arcot Services OR in DB anyother table / column; the state of MASTERADMIN is stored. Thus that is holding onto the status as locked.

Regards

Hubert

For some strange reason I figured out when using SQLClient (Logging in "ARCOTUSER as SYSDBA") the script wasn't updating ARADMINUSER table, column AUTHSTATUS to UPDATE. It was always set to AUTHSTATUS to ACTIVE.

UPDATE ARADMINUSER

SET AUTHSTATUS = 'UPDATE'

WHERE ADMINID = 'MASTERADMIN' AND

ORGNAME = 'MASTERADMIN';

I then used a SQL Developer Tool (RAZORSQL) to run the Query manually. This updated the AUTHSTATUS to UDPATE.

After this restarted both the Services i.e. WebLogic Server and CA Strong Authentication Service. Then tried to login. This time it worked and it challenged me to change the password.

Though my core issue is resolved, Still trying to get my head around why didn't the SQLClient Script did not update the Column?

Regards

Hubert