Problems with RSA ACE server

Here is some interesting problem with RSA ACE server that I’ve encountered.
Symptoms:
1. The servers is restarting automatically. You are able to login but after a minute or sow you get the message with counter ‘System Shutdown:This System is Shutting down. Please save all work in progress and log off. Any unsaved changes will be lost’
The message should tell you that RSA ACE is restarting the server.

2. In Event viewer Application. You should see plenty of ACESERVER 15004 errors.
In systems event log you should see many Service Control Manager 7031 errors.
Under services most Automatic RSA ACE services would not be running and when you try to start RSA ACE/Server authentication engine it would not start.

Cause:
In my case the sdlog database got corrupted which caused the service not to start. Now the reason for corruption was that the database is running on Progress and that particular versio of progress that is used in RSA ACE does not support larger then 2GB databases and looking at sdblog.db I could see that the file is 2GB. Also browsing through Application event log I’ve found two events that confirmed 2GB size database problem. The error events are 111 and 225 source  SDLOG with the following messages: Message from PROGRESS database C:ACEdatasdlog (5199)
Usr     9: SYSTEM ERROR: Unable to extend the database. (111)
and Message from PROGRESS database C:ACEdatasdlog (5199) Usr     9: SYSTEM ERROR: Incomplete microtransaction. (2255)

To stop server from rebooting, you need to boot server in Safe Mode and look at RSA services. There should be many of them.
Open properties and click on Recovery tab.
Check what option are selected under failures if any of them is ‘Restart the Computer’ then change it to ‘Take no Action’. This should stop the reboots.

The solution was to restore the DB from the backup. For that you need the backup copy and run sdrest command.
Here are the instruction from the manual:
To restore a database using sdrest:
1. Log on as a Windows administrator.
2. From the RSA Authentication Manager Control Panel, stop all services.
3. To restore a database, use the command:
sdrest ACEDATAfilename pathnamebackup_filename
For example, to restore the server database from a file named sdserv1 in a
directory named backups in the acedata directory, the command would be:
sdrest acedatasdserv acedatabackupssdserv1
To restore the log database from a file named sdlog1 in a directory named
backups in the acedata directory, the command would be:
sdrest acedatasdlog acedatabackupssdlog1
4. Generate a Replica Package for all Replicas, and distribute the new database files
in the Replica Package to all Replicas.
If Push DB Assisted Recovery is allowed, the Primary will push the new
database files to the Replicas when you restart the Primary. Otherwise, copy the
database files to the Replicas manually, and use the RSA Authentication Manager
Control Panel to apply the Replica Package.
5. Restart the Primary.

Once that was done all services started properly. Now you need to cleanup the logs or the sdlog will reach 2GB again. For that use RSA ACE/Server Administration. It may take some time to open those logs before you can clean them.

Leave a Reply

Your email address will not be published.