RSA Authentication Manager 8.0 Troubleshooting Guide

RSA® Authentication Manager 8.0 Troubleshooting Guide

Contact InformationGo to the RSA corporate website for regional Customer Support telephone and fax numbers: www.emc.com/domains/rsa/index.htm

TrademarksRSA, the RSA Logo and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. All other trademarks used herein are the property of their respective owners. For a list of RSA trademarks, go to www.emc.com/legal/emc-corporation-trademarks.htm#rsa.

License AgreementThis software and the associated documentation are proprietary and confidential to EMC, are furnished under license, and may be used and copied only in accordance with the terms of such license and with the inclusion of the copyright notice below. This software and the documentation, and any copies thereof, may not be provided or otherwise made available to any other person.No title to or ownership of the software or documentation or any intellectual property rights thereto is hereby transferred. Any unauthorized use or reproduction of this software and the documentation may be subject to civil and/or criminal liability.This software is subject to change without notice and should not be construed as a commitment by EMC.

Third-Party LicensesThis product may include software developed by parties other than RSA. The text of the license agreements applicable to third-party software in this product may be viewed in the folder Third-Party Licenses on the product DVD.

Note on Encryption TechnologiesThis product may contain encryption technology. Many countries prohibit or restrict the use, import, or export of encryption technologies, and current use, import, and export regulations should be followed when using, importing or exporting this product.

DistributionUse, copying, and distribution of any EMC software described in this publication requires an applicable software license.

EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice.

THE INFORMATION IN THIS PUBLICATION IS PROVIDED "AS IS." EMC CORPORATION MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH RESPECT TO THE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Copyright © 1994-2013 EMC Corporation. All Rights Reserved. Published in the U.S.A.March 2013

www.emc.com/domains/rsa/index.htm

www.emc.com/legal/emc-corporation-trademarks.htm#rsa

RSA Authentication Manager 8.0 Troubleshooting Guide

Contents

Preface................................................................................................................................... 5About This Guide................................................................................................................ 5RSA Authentication Manager 8.0 Documentation ............................................................. 5Related Documentation....................................................................................................... 6Support and Service ............................................................................................................ 6

Before You Call Customer Support............................................................................. 7

Chapter 1: Troubleshooting Common Error Messages ......................... 920063 - AUTHMGR_AGENT_CLEAR_NODESECRET ................................................ 920239 - EXPORT_DATA_TO_FILE................................................................................. 920240 - GENERATE_EXPORT_SECURITY_PACKAGE .............................................. 923039 - AUTOREG_CLEAR_NODESECRET ............................................................... 1023005 - AUTH_NODE_VERIFICATION ....................................................................... 1023036 - AUTOREG_VERIFY_NODESECRET.............................................................. 1023026 - AUTOREG_VERIFY_NODESECRET.............................................................. 1016044 - ACCESS_DATABASE........................................................................................1116075 - INITIALIZE_PERMISSIONS .............................................................................1116112 - REMOVE_ORPHANED_PRINCIPALS.............................................................1116329 - READ_ACTIVE_USERS ....................................................................................1126011 - PROCESS_REFERENTIAL_INTEGRITY_MESSAGES................................. 1223071 - AUTH_FAILED_BAD_TOKENCODE_GOOD_PIN ....................................... 12

Resolve 23071 - AUTH_FAILED_BAD_TOKENCODE_GOOD_PIN .................. 1223038 - AUTOREG_DHCP_ERROR .............................................................................. 12

Resolve 23038 - AUTOREG_DHCP_ERROR ......................................................... 1326041 - ADJUDICATOR_CLOCK_SETBACK.............................................................. 13

Resolve 26041 - ADJUDICATOR_CLOCK_SETBACK ........................................ 1416297 - BUILD_RELATED_IDENTITY_SOURCE_CACHE_FAILED....................... 14

Resolve 16297 - BUILD_RELATED_IDENTITY_SOURCE_CACHE_FAILED.. 1420056 - INSUFFICIENT_PRIVILEGE............................................................................ 14

Resolve 20056 - INSUFFICIENT_PRIVILEGE....................................................... 1523002 - AUTH_UNSUPPORTED_PROTOCOL ............................................................ 15

Resolve 23002 - AUTH_UNSUPPORTED_PROTOCOL ....................................... 1523008 - AUTH_PRINCIPAL_RESOLUTION ................................................................ 15

Resolve 23008 - AUTH_PRINCIPAL_RESOLUTION ........................................... 1623072 - AUTH_FAILED_BAD_PIN_GOOD_TOKENCODE ....................................... 16

Resolve 23072 - AUTH_FAILED_BAD_PIN_GOOD_TOKENCODE .................. 1623073 - AUTH_FAILED_BAD_PIN_PREVIOUS_TOKENCODE ............................... 16

Resolve 23073 - AUTH_FAILED_BAD_PIN_PREVIOUS_TOKENCODE .......... 1723080 - AUTH_AGENT_DOESNT_ACCEPT_SECURID ............................................ 17

Resolve 23080 - AUTH_AGENT_DOESNT_ACCEPT_SECURID ....................... 1716089 - DENIAL_OF_SERVICE..................................................................................... 18

Resolve 16089 - DENIAL_OF_SERVICE................................................................ 18

3


20214 - AM_CONFIGURATION_UPDATE_FAILED .................................................. 18Resolve 20214 - AM_CONFIGURATION_UPDATE_FAILED............................. 18

13003 - AUTHN_LOCKOUT_EVENT ........................................................................... 19Resolve 13003 - AUTHN_LOCKOUT_EVENT ...................................................... 19

16265 - DETERMINE_RELATED_IDENTITY_SOURCE............................................ 19Resolve 16265 - DETERMINE_RELATED_IDENTITY_SOURCE ...................... 19

16294 - IDENTITY_SOURCE_GET_CONNECTION_FAILED................................... 20Resolve 16294 - IDENTITY_SOURCE_GET_CONNECTION_FAILED.............. 20

16296 - TRACK_USER_MOVE_IN_REPLICA_FAILED............................................. 20Resolve 16296 - TRACK_USER_MOVE_IN_REPLICA_FAILED........................ 20

23017 - OA_DATA_DOWNLOAD_FAILED................................................................. 21Resolve 23017 - OA_DATA_DOWNLOAD_FAILED............................................ 21

23021 - AUTHMGR_NEXT_TOKENCODE_ACTIVATED ......................................... 21Resolve 23021 - AUTHMGR_NEXT_TOKENCODE_ACTIVATED .................... 21

16262 - BATCH_CLEANUP_ORPHANED_PRINCIPALS_LIMIT_HIT..................... 22Resolve 16262 - BATCH_CLEANUP_ORPHANED

_PRINCIPALS_LIMIT_HIT.................................................................................. 2216264 - MARK_FIND_PRINCIPAL_ACROSS_IDENTITYSOURCE_FAILURE ...... 22

Resolve 16264 - MARK_FIND_PRINCIPAL_ACROSS_IDENTITYSOURCE_FAILURE ......................................................................... 22

Chapter 2: RSA Authentication Manager Log Messages .................... 23

4


Preface

About This Guide

This guide describes how to troubleshoot RSA® Authentication Manager 8.0 for commonly occurring error messages. These error messages are displayed in the SNMP traps or in the logs. Refer to this guide for basic troubleshooting steps before calling Customer Support. This guide also lists all the Authentication Manager 8.0 trap messages. This guide is intended for administrators and other trusted personnel.

RSA Authentication Manager 8.0 Documentation

For information about RSA Authentication Manager 8.0, see the following documentation. RSA recommends that you store the product documentation in a location on your network that is accessible to administrators. Release Notes. Describes what is new and changed in this release, as well as workarounds for known issues.Getting Started. Describes how to perform the Authentication Manager Quick Setup process.Planning Guide. Describes the high-level architecture of Authentication Manager and how it integrates with your network.Setup and Configuration Guide. Describes how to set up and configure Authentication Manager.Administrator’s Guide. Provides an overview of Authentication Manager and its features. Describes how to configure the system and perform a wide range of administration tasks, including manage users and security policies. Help Desk Administrator’s Guide. Provides instructions for the most common tasks that a Help Desk Administrator performs on a day-to-day basis. SNMP Reference Guide. Describes how to configure Simple Network Management Protocol (SNMP) to monitor an instance of Authentication Manager.Troubleshooting Guide. Describes the most common error messages in RSA Authentication Manager and provides the appropriate actions to troubleshoot each event. Developer’s Guide. Provides information about developing custom programs using the RSA Authentication Manager application programming interfaces (APIs). Includes an overview of the APIs and Javadoc for Java APIs.Performance and Scalability Guide. Describes what to consider when tuning your deployment for optimal performance. 6.1 to 8.0 Migration Guide. Describes how to migrate from an RSA Authentication Manager 6.1 deployment to an RSA Authentication Manager 8.0 deployment.

Preface 5


7.1 to 8.0 Migration Guide. Describes how to migrate from an RSA Authentication Manager 7.1 deployment to an RSA Authentication Manager 8.0 deployment. Security Console Help. Describes day-to-day administration tasks performed in the Security Console.

Operations Console Help. Describes configuration and setup tasks performed in the Operations Console. Self-Service Console Help. Describes how to use the Self-Service Console. To view the Help, on the Help tab in the Self-Service Console, click Self-Service Console Help.RSA Token Management Snap-In Help. Describes how to use software that works with the Microsoft Management Console (MMC) for deployments that have an Active Directory identity source. Using this snap-in, you can enable or disable a token, assign a token, or perform other token-related tasks without logging on to the Security Console.

Related Documentation

RADIUS Reference Guide. Describes the usage and settings for the initialization files, dictionary files, and configuration files used by RSA RADIUS.Security Configuration Guide. Describes the security configuration settings available in Authentication Manager. It also describes secure deployment and usage settings, secure maintenance, and physical security controls.

Support and Service

RSA SecurCare Online offers a knowledgebase that contains answers to common questions and solutions to known problems. It also offers information on new releases, important technical news, and software downloads.The RSA Solution Gallery provides information about third-party hardware and software products that have been certified to work with RSA products. The gallery includes Secured by RSA Implementation Guides with step-by-step instructions and other information about interoperation of RSA products with these third-party products.

RSA SecurCare Online https://knowledge.rsasecurity.com

Customer Support Information www.emc.com/support/rsa/index.htm

RSA Solution Gallery https://gallery.emc.com/community/marketplace/rsa?view=overview

6 Preface

https://knowledge.rsasecurity.com

www.rsa.com/support

www.rsa.com/rsasecured


Before You Call Customer Support

Please have the following information available when you call: Access to the RSA Authentication Manager appliance. Your license serial number. To locate the license serial number, do one of the

following:• Look at the order confirmation e-mail that you received when your ordered

the product. This e-mail contains the license serial number.• Log on to the Security Console, and click License Status. Click View

Installed License. The Authentication Manager appliance software version information. You can

find this information in the top, right corner of the Quick Setup, or in the Security Console. Log on to the Security Console, and click Software Version Information.

Preface 7


1 Troubleshooting Common Error Messages

This chapter lists messages that occur for common problems, along with their possible causes and corresponding resolutions. These messages are for administrative, system, and authentication events. Each error message includes:• Action ID. A unique number• Action Key. A unique title• Message. Text that describes the issue. • Description. Additional information about the message.

20063 - AUTHMGR_AGENT_CLEAR_NODESECRET

Message: Administrator “{0}” attempted to clear node secret for agent “{4}” managed in security domain “{5}”Description: Clear Agent Node SecretProblem: The node secret has been cleared. No troubleshooting is required.

20239 - EXPORT_DATA_TO_FILE

Message: Administrator “{0}” attempted to export data to the file “{11}”.Description: Export Data to fileProblem: The administrator attempted to export user and token data to a file. No troubleshooting is required.

20240 - GENERATE_EXPORT_SECURITY_PACKAGE

Message: Administrator “{0}” attempted to generate and download export security package.Description: Generate Export Security PackageProblem: The administrator attempted to generate and download the export security package. No troubleshooting is required.

1: Troubleshooting Common Error Messages 9


23039 - AUTOREG_CLEAR_NODESECRET

Message: Cleared node secret for the agent “{3}” in Security Domain “{5}”Description: Agent node secret has been clearedProblem: The administrator has manually cleared, generated, and reloaded the node secret. No troubleshooting is required.

23005 - AUTH_NODE_VERIFICATION

Message: Verifying node secret for the agent “{3}” with IP address “{4}” in security domain “{5}”Description: Node secret verificationProblem: There is a problem with the node secret. Resolution: Clear the node secret in both the Authentication Manager server and agent. See the Security Console Help topic “Manage the Node Secret.”

23036 - AUTOREG_VERIFY_NODESECRET

Message: Verifying node secret for the agent “{3}” with IP address “{4}” in Security Domain “{5}”Description: Agent node secret verificationProblem: There is a problem with the node secret. Resolution: Clear the node secret in both the Authentication Manager server and agent. See the Security Console Help topic “Manage the Node Secret.”

23026 - AUTOREG_VERIFY_NODESECRET

Message: Verifying node secret for the agent “{3}” with IP address “{4}” in Security Domain “{5}”Description: Agent node secret verificationProblem: This message indicates that there is a problem with the node secret. Resolution: Clear the node secret in both the Authentication Manager server and agent. See the Security Console Help topic “Manage the Node Secret.”

10 1: Troubleshooting Common Error Messages


16044 - ACCESS_DATABASE

Message: Database access attempted by systemDescription: Database accessProblem: An unexpected error occurred when a database access was attempted using utilities that are different from those used by the Operations Console or Security Console. Resolution: Verify if the database is operating correctly and if sufficient storage space is available.

16075 - INITIALIZE_PERMISSIONS

Message: System attempted to load permission types from the databaseDescription: Initialize permissionsProblem: An unexpected error has occurred when loading administrative role permissions from the database.Resolution: Verify if the database is operating correctly and if sufficient storage space is available.

16112 - REMOVE_ORPHANED_PRINCIPALS

Message: Administrator “{0}” attempted to clean up unresolvable usersDescription: Clean up unresolvable usersProblem: Authentication Manager cannot connect to the LDAP directory server.Resolution: Confirm that the LDAP directory server(s) identified in the identity source connection information are running and can be connected from the server.

16329 - READ_ACTIVE_USERS

Message: System failed to read the licensed number of active users from the system configurationDescription: Unable to read active users from the system configurationProblem: Authentication Manager licensing is incorrect.Resolution: Confirm that Authentication Manager has a valid license file. In the Security Console Help, see the topic “Check License Status.”



26011 - PROCESS_REFERENTIAL_INTEGRITY_MESSAGES

Message: Administrator “{0}” attempted to process referential integrity messageDescription: Process Referential Integrity MessageProblem: An error occurred while promoting a replica instance to a primary instance.Resolution: Confirm that the replica promotion has completed successfully. Do not start the severs before this process is complete. In the Operations Console Help, see the topic “Promote a Replica Instance.”

23071 - AUTH_FAILED_BAD_TOKENCODE_GOOD_PIN

Message: Bad tokencode ; but good PIN detected for token serial number “{16}” assigned to user “{0}” in security domain “{1}” from “{2}” identity sourceDescription: Authentication attempted.Problem: The user could not successfully authenticate. It is possible that the user has forgotten the PIN, or is using the wrong token.

Resolve 23071 - AUTH_FAILED_BAD_TOKENCODE_GOOD_PIN

Procedure

1. Verify that the user is using the correct token as assigned. Ask the user for the serial number on the back of the token, and verify it against the token serial number that you see in the Security Console. If the token serial numbers do not match, ask the user to use the assigned token only.

2. Resynchronize the token assigned to the user. See the Security Console Help topic “Resynchronize a Token.”

3. Open the Activity Monitor. Ask the user to authenticate using the PIN after resynchronization, and monitor the log entry in real time. See the Security Console Help topic, “View Messages in the Activity Monitor.”

23038 - AUTOREG_DHCP_ERROR

Message: While registering an agent “{3}” ; found another agent “{8}” with the same alias IP address “{4}”. Could not un-assign IP from “{8}”Description: While registering an agent found another agent with the same alias IP address.Problem: During agent registration, another agent was found to have the same alias IP address.



Resolve 23038 - AUTOREG_DHCP_ERROR

This message is related to auto-registration and DHCP. Procedure

1. Enable auto-registration. For instructions, see the Security Help topic, “Allow an Agent to Auto-Register.”

2. Download the server certificate. For instructions, see the Security Console Help topic, “Download an RSA Authentication Manager Server Certificate.”

3. When setting Agent Auto-Registration settings, change the default Agent IP Update option to not automatically update the IP addresses of authentication agents. For more information, see the Security Console Help topic “Configure Agent Settings.”

4. Check your firewall rules and ensure that the following ports are open to enable communication between the agent and Authentication Manager instance.

5. Clear the node secret files on the agent. For instructions, see the authentication agent documentation.

6. Re-install the authentication agent. Choose custom installation, and select auto-registration during the install process. See your agent documentation for instructions.

26041 - ADJUDICATOR_CLOCK_SETBACK

Message: Detected clock setback ; current:“{3}” expected:“{4}”Description: Clock Setback DetectedProblem: If the time difference is less than plus or minus one minute, the Authentication Manager system clock may not be synchronized with the Network Time Protocol (NTP) Server. If the time difference is more than plus or minus one minute, contact RSA Customer Support.

Port Function

5500/UDP Used for communication between Authentication Manager and authentication agents.

5580/TCP Authentication agents connect to this port to perform offline data downloads.

5550/TCP Used by the authentication agent auto-registration utility. This port must be open.

139/TCP Used by authentication agents to verify whether the user is a member of a challenge group in Microsoft Active Directory.



Resolve 26041 - ADJUDICATOR_CLOCK_SETBACK

Procedure

1. Verify that the NTP server is correct and stable.2. Make sure the Authentication Manager server is synchronized with the NTP

server. For instructions on how to specify the date and time settings, see the Operations Help topic, “Update System Date and Time Settings.” Do not set the system clock of the Authentication Manager server back in time. This is a potential security issue as it can cause expired tokencodes to be used.

16297 - BUILD_RELATED_IDENTITY_SOURCE_CACHE_FAILED

Message: System cannot initialize related identity sources for identity source “{3}”Description: System cannot initialize related identity source cache.Problem: Authentication Manager cannot connect to the identity source. This error can occur under the following circumstances:• The firewall is configured incorrectly.• LDAP credentials are invalid or expired.• A certificate has expired.• LDAP filters are configured incorrectly or altered.• Network issues exist.

Resolve 16297 - BUILD_RELATED_IDENTITY_SOURCE_CACHE_FAILED

Verify the LDAP connection. For LDAP-related information, see the Operations Console Help topics, “Add an Identity Source” and “Identity Source SSL Certificates.” To troubleshoot network issues, see the Operations Console Help topic, “Verify an IP Address or Hostname.”

20056 - INSUFFICIENT_PRIVILEGE

Message: Administrator “{0}” attempted an action having insufficient privileges.Description: Insufficient PrivilegeProblem: The administrator has insufficient privileges to perform the attempted action.



Resolve 20056 - INSUFFICIENT_PRIVILEGE

Procedure

1. Verify that the administrator is assigned the correct security domain scope and permissions. For instructions, see the Security Console Help topic “View All Administrative Roles Assigned to an Administrator.”

2. If the administrator needs more permissions, either edit the administrative role and add the appropriate permissions or assign a different role. See the Security Console Help Topic, “Administrative Role Overview” for more information.

23002 - AUTH_UNSUPPORTED_PROTOCOL

Message: Received unsupported request from agent “{3}” with IP address “{4}” in security domain “{5}”. Request type: “{18}”Description: Received unsupported request.Problem: The device is unsupported because there is no server interface to handle this type of network packet.

Resolve 23002 - AUTH_UNSUPPORTED_PROTOCOL

Procedure

1. Verify that the agent host uses a legacy authentication method from agents older than version 5.x. Authentication Manager 8.0 only accepts agents from releases 5.x and higher.

2. Contact the manufacturer of the user’s authentication device to find out if the device is eligible to upgrade to a 5.x or higher API.

3. If the device is enabled for RADIUS, verify that the current version is compatible with the new RADIUS Access-Challenge, including New PIN Mode and Next Tokencode Mode.

23008 - AUTH_PRINCIPAL_RESOLUTION

Message: Attempting to resolve user by userid or alias “{0}”. Request originated from agent “{3}” with IP address “{4}” in security domain “{5}”Description: Resolve principal by userid/aliasProblem: Authentication Manager cannot identify the user through the User ID or alias. It is possible that multiple users have the same alias. When an administrator associates an agent and a group, all of the user’s aliases associated with the group are now searched. This error can occur under the following circumstances:• An agent is associated with many groups and two people in different groups have

the same alias.• An administrator recently associated an agent with a group.



Resolve 23008 - AUTH_PRINCIPAL_RESOLUTION

Procedure

1. In the Security Console, go to the Home page.2. Use Quick Search to find the user.3. Click Authentication Settings and view the user alias.4. Change the user’s alias to be unique.

23072 - AUTH_FAILED_BAD_PIN_GOOD_TOKENCODE

Message: Bad PIN ; but good tokencode detected for token serial number “{16}” assigned to user “{0}” in security domain “{1}” from “{2}” identity sourceDescription: Authentication attemptedProblem: The user who is assigned the token may no longer possess it because the passcodes are being guessed.

Resolve 23072 - AUTH_FAILED_BAD_PIN_GOOD_TOKENCODE

Confirm if the user possesses the assigned token. Procedure

1. In the Security Console, go to the Home page.2. Use Quick Search to find the user.3. Select the user to whose token you need to verify.4. Under Assigned SecurID Tokens, view the token serial number.5. Ask the user for the serial number on the back of the token, and verify if it

matches the serial number on the Security Console.

23073 - AUTH_FAILED_BAD_PIN_PREVIOUS_TOKENCODE

Message: Bad PIN ; but previous tokencode detected for token serial number “{16}” assigned to user “{0}” in security domain “{1}” from “{2}” identity sourceDescription: Authentication attemptedProblem: This error occurred due to any of the following circumstances: • The user forgot his or her PIN or is using a PIN that is correct for a different token.• Replication has failed, and the user’s PIN is not updated in the replica instance. • An unauthorized person possesses the token and is guessing PINs.



Resolve 23073 - AUTH_FAILED_BAD_PIN_PREVIOUS_TOKENCODE

Procedure

1. Check the replication status. See the Operations Console Help topic, “Check Replication Status.”

2. If the replication status does not display an error, confirm that the serial number on the back of the token matches the token assigned to the user in the User Dashboard. If the serial numbers match, clear the PIN. a. In the Security Console, go to the Home page.b. Use Quick Search to find the user.c. Select the user to whose token you need to verify.d. Under Assigned SecurID Tokens, view the token serial number.e. If the serial number matches, you need to clear the PIN.f. Under Assigned SecurID Tokens, select the token with the PIN that needs to

be cleared.g. Click Clear PIN.

3. Require the user to change the PIN. For instructions, see the Security Console Help topic “Require Users to Change Their RSA SecurID PINs.”

4. Open the Authentication Activity Monitor and instruct the user to authenticate. You can see whether the user has authenticated.

23080 - AUTH_AGENT_DOESNT_ACCEPT_SECURID

Message: Received a SecurID credential ; which the agent is configured to not accept. Agent “{3}” with IP address “{4}” in security domain “{5}”Description: SecurID credential type not acceptedProblem: An agent attempted to submit a SecurID passcode. The agent is configured to handle users who are enrolled in risk-based authentication (RBA), but it is not configured to authenticate a SecurID passcode.

Resolve 23080 - AUTH_AGENT_DOESNT_ACCEPT_SECURID

Ensure that the agent is configured correctly. Procedure

1. In the Security Console, click Setup > System Settings.2. Under Authentication Settings, click Agents.3. Verify that the authentication settings are correct.

• If the agent is to be used for SecurID authentications, configure the agent to be used for a normal passcode.

• If the agent is to be used for RBA, configure the agent to redirect to the RBA server.



16089 - DENIAL_OF_SERVICE

Message: Denial-of-service attack detected. Server received “{4}” failed authentications from user “{3}”Description: Denial-of-service attack detectedProblem: Authentication Manager has detected a series of unsuccessful authentication attempts from a remote administrative SDK application, suggesting that an unauthorized individual is attempting to authenticate. The SDK application might not have the correct WebLogic command client username and password, which would cause authentication attempts to fail.

Resolve 16089 - DENIAL_OF_SERVICE

Verify that any remote administrative SDK applications have the correct WebLogic command client username and password.

20214 - AM_CONFIGURATION_UPDATE_FAILED

Message: Administrator “{0}” failed to update AM configurationDescription: Failed to update AM configuration

Problem: An attempt to modify Authentication Manager configuration data has failed. Either the administrator performing the update does not have permission or the configuration value has been removed or deprecated.This error can also occur when an application using UpdateAMConfigurationCommand to update configuration data lacks sufficient permission.

Resolve 20214 - AM_CONFIGURATION_UPDATE_FAILED

Verify that the administrator has permission to modify the configuration data.Procedure

1. In the Security Console, go to the Home page.2. Use Quick Search to find and select the administrator.3. From the context menu next to the administrator’s username, select

Administrative Roles.4. Verify that the assigned administrative roles provide sufficient privileges to

modify the configuration data.5. (Optional) To assign additional administrative roles to this administrator, do the

following:a. Click Assign Role.b. Select the role you want to assign to the administrator.c. Click Assign Role.



13003 - AUTHN_LOCKOUT_EVENT

Message: Users “{0}” from security domain “{1}” in identity source “{2}” is locked outDescription: Principal lockoutProblem: Authentication Manager has locked a user out of the system.

Resolve 13003 - AUTHN_LOCKOUT_EVENT

Procedure

1. In the Security Console, use the Quick Search field to find the user.

2. In the User Dashboard, view the user’s lockout status.3. Unlock the user’s account.See the Security Console Help topic “Locked User Accounts” for more information.

16265 - DETERMINE_RELATED_IDENTITY_SOURCE

Message: System cannot determine whether identity source “{3}” and identity source “{4}” are connecting to the same directory server.Description: Attempting to determine whether the given identity sources connect to the same directory server. Problem: A connectivity problem exists between the identity source and the LDAP directory server. This problem can occur for any of the following reasons: • Incorrectly configured firewall • Invalid or expired LDAP credentials• Certificate expiration• Incorrectly configured or altered LDAP filters• Network issues

Resolve 16265 - DETERMINE_RELATED_IDENTITY_SOURCE




16294 - IDENTITY_SOURCE_GET_CONNECTION_FAILED

Message: Cannot process requests that need access to identity source “{3}”. The identity source is currently unreachable.Description: Failed to connect to identity source.Problem: Authentication Manager cannot connect to the identity source. This problem can occur for any of the following reasons: • Incorrectly configured firewall • Invalid or expired LDAP credentials

• Certificate expiration• Incorrectly configured or altered LDAP filters• Network issues

Resolve 16294 - IDENTITY_SOURCE_GET_CONNECTION_FAILED


16296 - TRACK_USER_MOVE_IN_REPLICA_FAILED

Message: The user’s distinguished name has changed. Either the primary could not update the user or the primary cannot be contacted. Authentication requests from “{3}” to this instance will not be successful until primary updates the user.Description: System cannot process this authentication requestProblem: A connectivity problem exists between the primary and replica instances.

Resolve 16296 - TRACK_USER_MOVE_IN_REPLICA_FAILED

Procedure

1. Check the replication status between the primary and replica instance. For information, see the Operations Console Help topic, “Check Replication Status.”

2. Verify if you can reach the primary or replica instance by running network tools and confirming if the replication port 7002/TCP is open. To run network tools, see the Operations Console Help topic, “Verify an IP Address or Hostname.”

3. Determine if disaster recovery procedures are appropriate. For information, see the Operations Console Help topic, “Disaster Recovery Situations.”



23017 - OA_DATA_DOWNLOAD_FAILED

Message: Offline authentication data download requested by user “{0}” from agent “{3}” using token “{8}” failed with error message “{9}”Description: Offline Authentication Data Download FailedProblem: A user’s attempt to download offline authentication data failed. This message can occur when the offline authentication policy settings for the user do not match the settings for the agent. This can also occur if port 5580/tcp is inaccessible.

Resolve 23017 - OA_DATA_DOWNLOAD_FAILED

Procedure

1. Verify if port 5580/tcp is accessible. For instructions, see the Operations Console Help topic, “Verify an IP Address or Hostname.”

2. Identify the security domains to which the user and agent belong.3. If the security domains are different, verify that the offline authentication policies

applied to each security domain do not conflict.4. Modify the offline authentication policies to resolve any conflicts. See

“Configuring Authentication Policies” in the Administrator’s Guide for more information.

23021 - AUTHMGR_NEXT_TOKENCODE_ACTIVATED

Message: Next tokencode mode activated for token serial number “{16}” assigned to user “{0}” in security domains “{1}” from “{2}” identity source.Description: Next tokencode mode activated for tokenProblem: A user has failed to authenticate with a specific token more times than the token policy allows. In next tokencode mode, the user has one chance to enter the tokencode correctly before the account is locked.

Resolve 23021 - AUTHMGR_NEXT_TOKENCODE_ACTIVATED

This message occurs when a token has failed to authenticate a specific number of times. You can configure the number of authentication failures allowed before next tokencode mode is activated in the Security Console. See “Token Policy” in the Administrator’s Guide for more information.



If this error occurs multiple times, check the accuracy of the Authentication Manager system clock. Clock drift may have occurred between the Authentication Manager Server and the token clock. See “Accurate System Date and Time Settings” in the Setup and Configuration Guide for more information.

Note: Incorrectly or unnecessarily changing the system time may cause a total authentication outage. If you are not confident of the cause of the problem, contact RSA Customer Support. Do not attempt to correct clock drift if it is more than plus or minus one minute.

16262 - BATCH_CLEANUP_ORPHANED_PRINCIPALS_LIMIT_HIT

Message: Cleanup of unresolvable users was not possible. Found {3} users ; which exceeded the automated cleanup limit of {4} users.Description: Clean up unresolvable users and groupsProblem: The Cleanup Limit canceled an automated cleanup job because more than the specified number of unresolvable users were found in the database.

Resolve 16262 - BATCH_CLEANUP_ORPHANED_PRINCIPALS_LIMIT_HIT

Verify if any recent changes have been applied to the identity source, such as using a filter. Such a change may result in a large difference in the number of users located in the identity source. See “User Data in an LDAP Directory” in the Administrator’s Guide, for more information on how changes made to user data in an LDAP directory can affect user authentication and administration.

16264 - MARK_FIND_PRINCIPAL_ACROSS_IDENTITYSOURCE_FAILURE

Message: User cannot be found across identity sources. User “{3}” will not be allowed to authenticate for the next 60 minutes..Description: System cannot process this authentication requestProblem: The user who attempted to authenticate cannot be found in any identity source.

Resolve 16264 - MARK_FIND_PRINCIPAL_ACROSS_IDENTITYSOURCE_FAILURE

Verify if you have made any recent change to the identity source, such as using a filter. Such a change may result in a large difference in the number of users located in the identity source.



2 RSA Authentication Manager Log Messages

This chapter lists all Authentication Manager log messages based on the event category and action ID. It also lists the corresponding action key, description, and log message. The log message has placeholders in the “{number}” format, which represents actual data in the logs and Activity Monitor. Use this chapter to understand simple network management protocol (SNMP) trap information captured by a network management system. For more information on the information displayed by the object identifier structure (OID) in the SNMP trap, see the RSA Authentication Manager 8.0 SNMP Reference Guide.

Event Category Action ID Action Key Description Message

eventAdmin 10001 CREATE_REALM Create realm Administrator “{0}” attempted to create realm “{4}”

eventAdmin 10002 DELETE_REALM Delete realm Administrator “{0}” attempted to delete realm “{4}”

eventAdmin 10003 UPDATE_REALM Update realm Administrator “{0}” attempted to update realm “{4}”

eventAdmin 10004 READ_REALM Read realm Administrator “{0}” attempted to read realm “{4}”

eventAdmin 10005 CREATE_SECURITY_DOMAIN Create security domain

Administrator “{0}” attempted to create security domain “{4}”. The fully qualified name of the domain is “{11}”

2: RSA Authentication Manager Log Messages 23


eventAdmin 10006 DELETE_SECURITY_DOMAIN Delete security domain

Administrator “{0}” attempted to delete security domain “{4}”. The fully qualified name of the domain is “{11}”

eventAdmin 10007 UPDATE_SECURITY_DOMAIN Update security domain

Administrator “{0}” attempted to update security domain “{4}”. The fully qualified name of the domain is “{11}”

eventAdmin 10008 READ_SECURITY_DOMAIN Read security domain

Administrator “{0}” attempted to read security domain “{4}”. The fully qualified name of the domain is “{11}”

eventAdmin 10009 CREATE_IDENTITY_SOURCE Register identity source

Administrator “{0}” attempted to register identity source “{6}”

eventAdmin 10010 DELETE_IDENTITY_SOURCE Delete registration of identity source

Administrator “{0}” attempted to delete the registration of identity source “{6}”

eventAdmin 10011 UPDATE_IDENTITY_SOURCE Update registration of identity source

Administrator “{0}” attempted to update the registration of identity source “{6}”

eventAdmin 10012 CLEANUP_IDENTITY_SOURCE

Clean up identity source

Administrator “{0}” attempted to clean up identity sources


24 2: RSA Authentication Manager Log Messages


eventAdmin 10013 CREATE_ATTRIBUTE Create attribute Administrator “{0}” attempted to create attribute “{4}” ; to be managed in security domain “{5}”

eventAdmin 10014 READ_ATTRIBUTE Read attribute Administrator “{0}” attempted to read attribute “{4}” ; managed in security domain “{5}”

eventAdmin 10015 UPDATE_ATTRIBUTE Update attribute Administrator “{0}” attempted to update attribute “{4}” ; managed in security domain “{5}”

eventAdmin 10016 DELETE_ATTRIBUTE Delete attribute Administrator “{0}” attempted to delete attribute “{4}” ; managed in security domain “{5}”

eventAdmin 10017 CREATE_ATTRIBUTE_MAPPING

Map attribute Administrator “{0}” attempted to map attribute “{4}” ; managed in security domain “{5}” to “{8}”

eventAdmin 10018 READ_ATTRIBUTE_MAPPING Read attribute mapping

Administrator “{0}” attempted to read attribute mapping “{4}”’s ; managed in security domain “{5}”




eventAdmin 10019 DELETE_ATTRIBUTE_MAPPING

Delete attribute mapping

Administrator “{0}” attempted to delete the mapping of attribute “{4}” ; managed in security domain “{5}” to “{8}”

eventAdmin 10020 CREATE_ADMIN_ROLE Create administrative role

Administrator “{0}” attempted to create administrative role “{4}” ; to be managed in security domain “{5}”

eventAdmin 10021 DELETE_ADMIN_ROLE Delete administrative role

Administrator “{0}” attempted to delete administrative role “{4}” ; managed in security domain “{5}”

eventAdmin 10022 READ_ADMIN_ROLE Read administrative role

Administrator “{0}” attempted to read administrative role “{4}” ; managed in security domain “{5}”

eventAdmin 10023 UPDATE_ADMIN_ROLE Update administrative role

Administrator “{0}” attempted to update administrative role “{4}” ; managed in security domain “{5}”




eventAdmin 10024 LINK_PRINCIPAL_ADMIN_ROLE

Associate principal with administrative role

Administrator “{0}” attempted to associate principal “{8}” ; stored in identity source “{10}” and managed in security domain “{9}”

eventAdmin 10025 UNLINK_PRINCIPAL_ADMIN_ROLE

Disassociate principal from administrative role

Administrator “{0}” attempted to disassociate principal “{8}” ; stored in identity source “{10}” and managed in security domain “{9}”

eventAdmin 10026 CREATE_AUTH_POLICY Create authentication policy

Administrator “{0}” attempted to create authentication policy “{4}” ; to be managed in security domain “{5}”

eventAdmin 10027 DELETE_AUTH_POLICY Delete authentication policy

Administrator “{0}” attempted to delete authentication policy “{4}” ; managed in security domain “{5}”

eventAdmin 10028 UPDATE_AUTH_POLICY Update authentication policy

Administrator “{0}” attempted to update authentication policy “{4}” ; managed in security domain “{5}”




eventAdmin 10029 READ_AUTH_POLICY Read authentication policy

Administrator “{0}” attempted to view authentication policy “{4}” ; managed in security domain “{5}”

eventAdmin 10030 CREATE_PWD_POLICY Create password policy

Administrator “{0}” attempted to create password policy “{4}” ; to be managed in security domain “{5}”

eventAdmin 10031 DELETE_PWD_POLICY Delete password policy

Administrator “{0}” attempted to delete password policy “{4}” ; managed in security domain “{5}”

eventAdmin 10032 UPDATE_PWD_POLICY Update password policy

Administrator “{0}” attempted to update password policy “{4}” ; managed in security domain “{5}”

eventAdmin 10033 READ_PWD_POLICY Read password policy

Administrator “{0}” attempted to view password policy “{4}” ; managed in security domain “{5}”




eventAdmin 10034 CREATE_LOCKOUT_POLICY Create lockout policy

Administrator “{0}” attempted to create lockout policy “{4}” ; to be managed in security domain “{5}”

eventAdmin 10035 DELETE_LOCKOUT_POLICY Delete lockout policy

Administrator “{0}” attempted to delete lockout policy “{4}” ; managed in security domain “{5}”

eventAdmin 10036 UPDATE_LOCKOUT_POLICY Update lockout policy

Administrator “{0}” attempted to update lockout policy “{4}” ; managed in security domain “{5}”

eventAdmin 10037 READ_LOCKOUT_POLICY Read lockout policy

Administrator “{0}” attempted to view lockout policy “{4}” ; managed in security domain “{5}”

eventAdmin 10038 UNLINK_SECURITY_DOMAIN_POLICIES

Unlink security domain policies

Administrator “{0}” attempted to unlink polices from security domain “{4}”

eventAdmin 10039 CREATE_GROUP Create group Administrator “{0}” attempted to create group “{4}” ; to be stored in identity source “{6}” and managed in security domain “{5}”




eventAdmin 10040 UPDATE_GROUP Update group Administrator “{0}” attempted to update group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10041 REGISTER_GROUP Register group Administrator “{0}” attempted to register group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10042 UNREGISTER_GROUP Unregister group Administrator “{0}” attempted to unregister group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10043 READ_GROUP Read group Administrator “{0}” attempted to read group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10044 DELETE_GROUP Delete group Administrator “{0}” attempted to delete group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”




eventAdmin 10045 LINK_GROUP_GROUP Associate group with group

Administrator “{0}” attempted to associate group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10046 UNLINK_GROUP_GROUP Disassociate group from group

Administrator “{0}” attempted to disassociate group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10047 LINK_GROUP_PRINCIPAL Associate group with principal

Administrator “{0}” attempted to associate group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10048 UNLINK_GROUP_PRINCIPAL Disassociate Group from Principal

Administrator “{0}” attempted to disassociate group “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10049 FIND_ORPHANED_GROUPS Find unresolvable groups

Administrator “{0}” attempted to find unresolvable groups in identity source “{4}”




eventAdmin 10050 REMOVE_ORPHANED_GROUPS

Remove unresolvable groups

Administrator “{0}” attempted to clean up unresolvable groups in identity source “{4}”

eventAdmin 10051 CREATE_PRINCIPAL Create principal Administrator “{0}” attempted to create principal “{4}” ; to be stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10052 REGISTER_PRINCIPAL Register principal Administrator “{0}” attempted to register principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10053 UNREGISTER_PRINCIPAL Unregister principal

Administrator “{0}” attempted to unregister principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10054 DELETE_PRINCIPAL Delete principal Administrator “{0}” attempted to delete principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”




eventAdmin 10055 UPDATE_PRINCIPAL Update principal User “{0}” attempted to update principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10056 READ_PRINCIPAL Read principal Administrator “{0}” attempted to read principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10057 FIND_ORPHANED_PRINCIPALS

Find unresolvable users

Administrator “{0}” attempted to find unresolvable users in identity source “{4}”

eventAdmin 10059 CREATE_PRINCIPAL_PREFERENCES

Assign console preferences to principal

Administrator “{0}” attempted to assign preferences to principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10060 DELETE_PRINCIPAL_PREFERENCES

Remove console preferences for principal

Administrator “{0}” attempted to remove preferences for principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”




eventAdmin 10061 UPDATE_PRINCIPAL_PREFERENCES

Update console preferences for principal

Administrator “{0}” attempted to update preferences for principal ; “{4}” stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10062 READ_PRINCIPAL_PREFERENCES

Read console preferences for principal

Administrator “{0}” attempted to read preferences for principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10063 CREATE_REALM_PREFERENCES

Assign console preferences to realm

Administrator “{0}” attempted to assign preferences for realm “{5}”

eventAdmin 10064 DELETE_REALM_PREFERENCES

Remove console preferences for realm

Administrator “{0}” attempted to remove preferences for realm “{5}”

eventAdmin 10065 UPDATE_REALM_PREFERENCES

Update console preferences for realm

Administrator “{0}” attempted to change preferences for realm “{5}”

eventAdmin 10066 READ_REALM_PREFERENCES Read console preferences for realm

Administrator “{0}” attempted to read preferences for realm “{5}”

eventAdmin 10067 DEREFERENCE_REALM Dereference realm

Administrator “{0}” attempted to dereference realm “{4}”




eventAdmin 10068 CREATE_REPORT_QUERY Create report query

Administrator “{0}” attempted to create report query “{4}” ; to be managed in security domain “{5}”

eventAdmin 10069 DELETE_REPORT_QUERY Delete report query

Administrator “{0}” attempted to delete report query “{4}” ; managed in security domain “{5}”

eventAdmin 10070 UPDATE_REPORT_QUERY Update report query

Administrator “{0}” attempted to update report query “{4}” ; managed in security domain “{5}”

eventAdmin 10071 READ_REPORT_QUERY Read report query Administrator “{0}” attempted to read report query “{4}” ; managed in security domain “{5}”

eventAdmin 10072 SESSION_FORCED_LOGOFF Force session logoff for principal

Administrator “{0}” attempted a forced session logoff for principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”




eventAdmin 10073 SESSION_FETCH Fetch session for principal

Administrator “{0}” attempted to fetch the session of principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10074 SESSION_MODIFICATION Session attribute modification

Administrator “{0}” modified a session attribute of principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10075 ASSOCIATE_PWD_POLICY_TO_SECURITY_DOMAIN

Associate password policy with security domain

Administrator “{0}” attempted to associate a password policy with a security domain

eventAdmin 10076 ASSOCIATE_LOCKOUT_POLICY_TO_SECURITY_DOMAIN

Associate lockout policy with security domain

Administrator “{0}” attempted to associate a lockout policy with a security domain

eventAdmin 10077 ASSOCIATE_AUTHN_POLICY_TO_SECURITY_DOMAIN

Associate authentication policy with security domain

Administrator “{0}” attempted to associate an authentication policy with a security domain

eventAdmin 10078 DIS_ASSOCIATE_PWD_POLICY_FROM_SECURITY_DOMAIN

Disassociate password policy from security domain

Administrator “{0}” attempted to disassociate a password policy from a security domain




eventAdmin 10079 DIS_ASSOCIATE_LOCKOUT_POLICY_FROM_SECURITY_DOMAIN

Disassociate lockout policy from security domain

Administrator “{0}” attempted to disassociate a lockout policy from a security domain

eventAdmin 10080 DIS_ASSOCIATE_AUTHN_POLICY_FROM_SECURITY_DOMAIN

Disassociate authentication policy from security domain

Administrator “{0}” attempted to disassociate an authentication policy from a security domain

eventAdmin 10081 CREATE_SELFSERVICE_POLICY

Create self-service troubleshooting policy

Administrator “{0}” attempted to create self-service troubleshooting policy “{4}” ; to be managed in security domain “{5}”

eventAdmin 10082 DELETE_SELFSERVICE_POLICY

Delete self-service troubleshooting policy

Administrator “{0}” attempted to delete self-service troubleshooting policy “{4}” ; managed in security domain “{5}”

eventAdmin 10083 UPDATE_SELFSERVICE_POLICY

Update self-service troubleshooting policy

Administrator “{0}” attempted to update self-service troubleshooting policy “{4}” ; managed in security domain “{5}”




eventAdmin 10084 READ_SELFSERVICE_POLICY Read self-service troubleshooting policy

Administrator “{0}” attempted to view self-service troubleshooting policy “{4}” ; managed in security domain “{5}”

eventAdmin 10085 ASSOCIATE_SELFSERVICE_POLICY_TO_SECURITY_DOMAIN

Associate self-service troubleshooting policy with security domain

Administrator “{0}” attempted to associate a self-service troubleshooting policy with a security domain

eventAdmin 10086 DIS_ASSOCIATE_SELFSERVICE_POLICY_FROM_SEC_DOM

Disassociate self-service troubleshooting policy from security domain

Administrator “{0}” attempted to disassociate a self-service troubleshooting policy from a security domain

eventAdmin 10087 UPDATE_SECURITY_QUESTIONS_POLICY

Update security question policy

Administrator “{0}” attempted to update security question policy “{4}” ; managed in security domain “{5}”

eventAdmin 10088 READ_SECURITY_QUESTIONS_POLICY

Read security question policy

Administrator “{0}” attempted to view security question policy “{4}” ; managed in security domain “{5}”

eventAdmin 10089 READ_SECURITY_QUESTIONS_LIST

Read security questions list

Administrator “{0}” attempted to view security questions list ?c{4}”




eventAdmin 10200 CREATE_TRUST Create trust realm Administrator “{0}” attempted to create trust realm “{4}” ; to be managed in security domain “{5}”

eventAdmin 10201 DELETE_TRUST Delete trust realm Administrator “{0}” attempted to delete trust realm “{4}” ; managed in security domain “{5}”

eventAdmin 10202 UPDATE_TRUST Update trust realm

Administrator “{0}” attempted to update trust realm “{4}” ; managed in security domain “{5}”

eventAdmin 10203 READ_TRUST Read trust realm Administrator “{0}” attempted to read trust realm “{4}” ; managed in security domain “{5}”

eventAdmin 10204 MANAGE_ATTR_CATEGORY Manage attribute category

Administrator “{0}” attempted to manage attribute category“{4}” ; managed in security domain “{5}”

eventAdmin 10205 IMPORT_PWD_DICTIONARY Import Password Dictionary

Administrator “{0}” attempted to import password dictionary “{4}”

eventAdmin 10206 EXPORT_PWD_DICTIONARY Export Password Dictionary

Administrator “{0}” attempted to export password dictionary “{4}”




eventAdmin 10207 DELETE_PWD_DICTIONARY Delete Password Dictionary

Administrator “{0}” attempted to delete password dictionary “{4}”

eventAdmin 10208 READ_PWD_DICTIONARY Read Password Dictionary

Administrator “{0}” attempted to read password dictionary “{4}”

eventAdmin 10209 DELETE_BATCH_JOB Delete batch job Administrator “{0}” attempted to delete “{11}” batch job “{4}”

eventAdmin 10210 READ_BATCH_JOB Read batch job Administrator “{0}” attempted to read “{11}” batch job “{4}”

eventAdmin 10211 READ_SCHEDULE_JOB Read scheduled job

Administrator “{0}” attempted to read scheduled “{11}” batch job “{4}”

eventAdmin 10212 ADD_BATCH_JOB Add batch job Administrator “{0}” attempted to add “{11}” batch job “{4}”

eventAdmin 10213 SCHEDULE_BATCH_JOB Schedule batch job

Administrator “{0}” attempted to schedule “{11}” batch job “{4}”

eventAdmin 10214 DELETE_SCHEDULE_JOB Delete scheduled job

Administrator “{0}” attempted to delete scheduled “{11}” job “{4}”

eventAdmin 10215 CANCEL_BATCH_JOB Cancel batch job Administrator “{0}” attempted to cancel “{11}” batch job “{4}”




eventAdmin 10216 CANCEL_SCHEDULE_JOB Cancel scheduled job

Administrator “{0}” attempted to cancel scheduled “{11}” batch job “{4}”

eventAdmin 10217 READ_REPORT_DATA Read report data Administrator “{0}” attempted to read result of report “{4}” ; managed in security domain “{5}”

eventAdmin 10218 READ_REPORT_META_DATA Read report meta data

Administrator “{0}” attempted to read meta data of report “{4}” ; managed in security domain “{5}”

eventAdmin 10219 CREATE_REPORT_CLASS Create report generation class

Administrator “{0}” attempted to create a report generation instance of “{4}”

eventAdmin 10220 LOOKUP_PRINCIPALS Lookup principals

Administrator “{0}” attempted to lookup principals stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10243 ASSIGN_SYSTEMFIELDS_USER_ROLE

Assign system user an administrator role

Super Administrator “{0}” attempted to assign administrative role “{8}” to system user “{4}”.




eventAdmin 10244 RESET_SYSTEMFIELDS_USER_PASSWORD

Reset system user password

Super Administrator “{0}” attempted to reset system user “{4}” password.

eventAdmin 10245 UNASSIGN_SYSTEMFIELDS_USER_ROLE

Unassign system user an administrator role

Super Administrator “{0}” attempted to unassign administrative role “{8}” from system user “{4}”.

eventAdmin 10246 LIST_SYSTEMFIELDS_USERS List system users Super Administrator “{0}” attempted to list system users with administrative roles such as Operations Console admin.

eventAdmin 10247 CREATE_SYSTEMFIELDS_ROLE

Create system administrator role

Super Administrator “{0}” attempted to create new system administrator role “{4}”. System administrator roles have no attributes other than a name.

eventAdmin 10248 DELETE_SYSTEMFIELDS_ROLE

Delete system administrator role

Super Administrator “{0}” attempted to delete system administrator role “{4}”.

eventAdmin 10249 FIND_ORPHANED_PRINCIPALS_IS_UNSPECIFIED

Find unresolvable users

Administrator “{0}” attempted to find unresolvable users




eventAdmin 10250 CLEANUP_UNRESOLVED_USERS_IS_UNSPECIFIED

Cleaning unresolvable users

Administrator “{0}” attempted to clean unresolvable users

eventAdmin 10251 REMOVE_UNRESOLVED_PRINCIPAL

Cleaning unresolvable user

Administrator “{0}” cleaned unresolvable user “{4}” from identity source “{6}”

eventAdmin 10252 CLEANUP_UNRESOLVED_USERS_IS_UNSPECIFIED_START

Started manual cleanup of unresolvable users

Administrator “{0}” started cleaning unresolvable users

eventAdmin 10253 CLEANUP_UNRESOLVED_USERS_IS_UNSPECIFIED_END

Completed manual cleanup of unresolvable users

Administrator “{0}” has cleaned unresolvable users

eventAdmin 10254 BATCH_JOB_CLEANUP_UNRESOLVED_USERS_GROUPS_START

Started scheduled cleanup of unresolvable users and groups

System started scheduled cleanup of unresolvable users and groups

eventAdmin 10255 BATCH_JOB_CLEANUP_UNRESOLVED_USERS_GROUPS_END

Completed scheduled cleanup of unresolvable users and groups

System has completed scheduled cleanup of unresolvable users and groups

eventAdmin 10256 BATCH_JOB_CLEANUP_UNRESOLVED_USERS_GROUPS_ERRORS

Errors occured during scheduled cleanup of unresolvable users and groups

System has completed scheduled cleanup of unresolvable users and groups ; but cleanup did not complete normally. Consult the system log for more details.




eventAdmin 10257 REMOVE_UNRESOLVED_GROUP

Cleaning unresolvable group

Administrator “{0}” cleaned unresolvable group “{4}” from identity source “{6}”

eventAdmin 10258 MARK_UNRESOLVABLE_USER

Marking user as unresolvable

User “{4}” is missing from identity source “{6}”. Marking user as unresolvable.

eventAdmin 10259 MOVE_PRINCIPAL_ACROSS_IDENTITYSOURCE

User moved across identity sources

User “{4}” has been moved from identity source “{6}” to identity source “{11}” as a result of an update made to the directory server.

eventAdmin 10260 TEST_IDENTITY_SOURCE_CONN_FAILED

Cannot test the connection to the directory server.

The administrator “{0}” attempting to test the connection does not have permission to perform the test.

eventAdmin 10261 SEARCH_GROUP Search groups Administrator “{0}” attempted to search groups in identity source “{4}”

eventAdmin 10262 CREATE_RBA_POLICY Create RBA policy

Administrator “{0}” attempted to create RBA policy “{4}” ; to be managed in security domain “{5}”




eventAdmin 10263 DELETE_RBA_POLICY Delete RBA policy

Administrator “{0}” attempted to delete RBA policy “{4}” ; managed in security domain “{5}”

eventAdmin 10264 UPDATE_RBA_POLICY Update RBA policy

Administrator “{0}” attempted to update RBA policy “{4}” ; managed in security domain “{5}”

eventAdmin 10265 READ_RBA_POLICY Read RBA policy Administrator “{0}” attempted to view RBA policy “{4}” ; managed in security domain “{5}”

eventAdmin 10266 ASSOCIATE_RBA_POLICY_TO_SECURITY_DOMAIN

Associate RBA policy with security domain

Administrator “{0}” attempted to associate a RBA policy with a security domain

eventAdmin 10267 DIS_ASSOCIATE_RBA_POLICY_FROM_SEC_DOM

Disassociate RBA policy from security domain

Administrator “{0}” attempted to disassociate a RBA policy from a security domain

eventAdmin 10268 CLEAR_DEVICE_BINDINGS Clear device bindings for principal

Administrator “{0}” attempted to clear device bindings for principal “{4}” ; stored in identity source “{6}” and managed in security domain “{5}”




eventAdmin 10269 MANAGE_SECURITY_DOMAIN_MAPPINGS

Manage Security Domain Mappings for IS

Administrator “{0}” attempted to manage security domain mappings for Identity Source

eventAdmin 10270 ENABLE_PRINCIPALS_FOR_RBA

Enable principals for RBA

Administrator “{0}” attempted to enable multiple principals for RBA

eventAdmin 10271 UPDATE_SECURITY_QUESTIONS_LIST

Update Security Questions

Administrator “{0}” attempted to update Security Questions

eventAdmin 10272 ENABLE_PRINCIPAL_FOR_RBA

Enable principal for RBA

Administrator “{0}” attempted to enable principal “{4}” for RBA ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10273 ADD_CERTIFICATE Add certificate Administrator “{0}” attempted to add certificate “{4}”

eventAdmin 10274 DELETE_CERTIFICATE Delete certificate Administrator “{0}” attempted to delete certificate “{11}”

eventAdmin 10275 READ_CERTIFICATE Read certificate Administrator “{0}” attempted to read certificate “{4}”

eventAdmin 10276 UPDATE_CERTIFICATE Update certificate Administrator “{0}” attempted to update certificate “{4}”




eventAdmin 10277 ADD_WEBTIER_DEPLOYMENT

Add Webtier Deployment

Administrator “{0}” attempted to add WebTier Deployment “{4}”

eventAdmin 10278 UPDATE_WEBTIER_DEPLOYMENT

Update Webtier Deployment

Administrator “{0}” attempted to update WebTier Deployment “{4}”

eventAdmin 10279 DELETE_WEBTIER_DEPLOYMENT

Delete Webtier Deployment

Administrator “{0}” attempted to delete WebTier Deployment “{4}”

eventAdmin 10280 GENERATE_WEBTIER_PACKAGE

Generate Webtier Package

Administrator “{0}” attempted to generate WebTier package for “{4}”

eventAdmin 10282 ADD_SERVER_NODE Add Server Node Administrator “{0}” attempted to add a server node with hostname “{4}” to the cluster

eventAdmin 10283 REMOVE_SERVER_NODE Remove Server Node

Administrator “{0}” attempted to remove a server node with hostname “{4}” from the cluster

eventAdmin 10284 REMOVE_SECURITY_QUESTION_ANSWERS

Remove Security Question Answers

User “{0}” attempted to remove Security Question Answers

eventAdmin 10285 UPDATE_SECURITY_QUESTION_ANSWERS

Update Security Question Answers

User “{0}” attempted to update Security Question Answers




eventAdmin 10286 DISABLE_PRINCIPAL_FOR_RBA

Disable principal for RBA

Administrator “{0}” attempted to disable principal “{4}” for RBA ; stored in identity source “{6}” and managed in security domain “{5}”

eventAdmin 10287 UPDATE_PRINCIPAL_LOGINUID

Update User ID System attempted to update the User ID for principal “{4}” to “{11}” as a result of an update made to the directory server. The principal is stored in identity source “{6}” and managed in security domain “{5}”.

eventAdmin 10288 UPDATE_PRINCIPAL_EXUID Update unique identifier

System attempted to update the unique identifier for principal “{4}” as a result of an update made to the directory server. The principal is stored in identity source “{6}” and managed in security domain “{5}”.




eventAdmin 10289 MOVE_PRINCIPAL_WITHIN_IDENTITYSOURCE

User moved within identity source

System attempted to update the DN for principal “{4}” because the principal was moved in the directory server. The principal is stored in identity source “{6}” and managed in security domain “{5}”.

eventAdmin 10290 UPDATE_PRINCIPAL_FOR_LDAP_CHANGE

Update principal System attempted to update principal “{4}” based on changes made in identity source “{6}”.

eventAdmin 10291 RESTORE_ADMIN Restore admin System attempted to create Super Admin “{11}” using restore admin utility.

eventAdmin 10292 CREATE_SYSTEMFIELDS_USER

Create system user

Super Administrator “{0}” attempted to create system user “{4}”. System user accounts have no attributes other than a userID and password.

eventAdmin 10293 DELETE_SYSTEMFIELDS_USER

Delete system user

Super Administrator “{0}” attempted to delete system user “{4}”. System user accounts have no attributes other than a userID and password.




eventAdmin 10294 UPDATE_WEBTIER_CUSTOMIZATION

Update Webtier Customization

Administrator “{0}” attempted to update WebTier Customization Configuration “{4}”

eventAdmin 20001 CREATE_AM_PRINCIPAL Create Principal Administrator “{0}” attempted to create principal “{4}” stored in identity source “{6}” managed in security domain “{5}”

eventAdmin 20002 UPDATE_AM_PRINCIPAL Update Principal User “{0}” attempted to update principal “{4}” stored in identity source “{6}” managed in security domain “{5}”

eventAdmin 20003 DELETE_AM_PRINCIPAL Delete Principal Administrator “{0}” attempted to delete principal “{4}” stored in identity source “{6}” managed in security domain “{5}”

eventAdmin 20004 READ_AM_PRINCIPAL_EMERGENCY_ACCESS_INFO

Read Principal Emergency Access Info

Administrator “{0}” attempted to read principal emergency access info “{4}” stored in identity source “{6}” managed in security domain “{5}”




eventAdmin 20005 CLEARBADPASSCODES Clear Bad Passcodes

Administrator “{0}” attempted to clear bad passcodes “{4}” managed in security domain “{5}”

eventAdmin 20006 READ_AM_TOKEN_OFFLINE_EMERGENCY_ACCESS_INFO

Read Token Offline Emergency Access Info

Administrator “{0}” attempted to read offline emergency access info for token “{4}” managed in security domain “{5}”

eventAdmin 20007 READ_AM_TOKEN_ONLINE_EMERGENCY_ACCESS_INFO

Read Token Online Emergency Access Info

Administrator “{0}” attempted to read online emergency access info for token “{4}” managed in security domain “{5}”

eventAdmin 20008 UPDATE_AM_TOKEN_ONLINE_EMERGENCY_ACCESS_INFO

Update Token Online Emergency Access Info

Administrator “{0}” attempted to update online emergency access info for token “{4}” managed in security domain “{5}”

eventAdmin 20009 AM_TOKEN_ENABLED Enable Token Administrator “{0}” attempted to enable token “{4}” managed in security domain “{5}”.




eventAdmin 20010 AM_TOKEN_DISABLED Disable Token Administrator “{0}” attempted to disable token “{4}” managed in security domain “{5}”

eventAdmin 20011 AM_CLEAR_TOKEN_PIN Clear Token Pin Administrator “{0}” attempted to clear pin for token “{4}” managed in security domain “{5}”

eventAdmin 20012 AM_SET_NEW_PIN_MODE Set New Pin Mode

Administrator “{0}” attempted to set new pin mode for token “{4}” managed in security domain “{5}”

eventAdmin 20013 AM_RESET_PIN Reset Token Pin Administrator “{0}” attempted to reset token pin “{4}” managed in security domain “{5}”

eventAdmin 20014 AUTHMGR_AGENT_CREATE Create Agent Administrator “{0}” attempted to create agent “{4}” managed in security domain “{5}”

eventAdmin 20015 AM_ASSIGN_FIXED_PASSCODE

Assign Fixed Passcode

Administrator “{0}” attempted to assign a fixed passcode for token “{4}” managed in security domain “{5}”




eventAdmin 20016 AM_UNASSIGN_FIXED_PASSCODE

Unassign Fixed Passcode

Administrator “{0}” attempted to unassign a fixed passcode for token “{4}” managed in security domain “{5}”

eventAdmin 20017 AUTHMGR_AGENT_DELETE Delete Agent Administrator “{0}” attempted to delete agent “{4}” managed in security domain “{5}”

eventAdmin 20018 AUTHMGR_AGENT_ENABLE Enable Agent Administrator “{0}” attempted to enable agent “{4}” managed in security domain “{5}”

eventAdmin 20019 AUTHMGR_AGENT_READ Read Agent Administrator “{0}” attempted to read agent “{4}” managed in security domain “{5}”

eventAdmin 20020 AUTHMGR_AGENT_UPDATE Update Agent Administrator “{0}” attempted to update agent “{4}” managed in security domain “{5}”

eventAdmin 20021 AUTHMGR_AGENT_LINK_APSLIST

Link Agent and Agent Protocol Server List

Administrator “{0}” attempted to link agent “{4}” managed in security domain “{5}” with agent protocol server list “{8}” managed in security domain “{9}”




eventAdmin 20024 READ_AM_PRINCIPAL Read Principal Administrator “{0}” attempted to read principal “{4}” stored in identity source “{6}” managed in security domain “{5}”

eventAdmin 20025 IMPORT_TOKEN Import Token Administrator “{0}” attempted to import token “{4}” managed in security domain “{5}”

eventAdmin 20026 CREATE_AM_TOKEN Create Token Administrator “{0}” attempted to create token “{4}” managed in security domain “{5}”

eventAdmin 20027 UPDATE_AM_TOKEN Update Token Administrator “{0}” attempted to update token “{4}” managed in security domain “{5}”

eventAdmin 20028 DELETE_AM_TOKEN Delete Token Administrator “{0}” attempted to delete token “{4}” managed in security domain “{5}”

eventAdmin 20029 SEARCH_AM_TOKEN Search Token Administrator “{0}” attempted to search for tokens managed in security domain “{5}”




eventAdmin 20030 NEXT_AVAILABLE_AM_TOKEN

Get Next Available Token

Administrator “{0}” attempted to get the next available token managed in security domain “{5}”

eventAdmin 20031 AUTHMGR_TOKEN_ATTRIBUTE_DELETE

Delete Token Attribute

Administrator “{0}” attempted to delete attribute token “{4}” managed in security domain “{5}”

eventAdmin 20032 AUTHMGR_TOKEN_ATTRIBUTE_CREATE

Create Token Attribute

Administrator “{0}” attempted to create attribute for token “{4}” managed in security domain “{5}”

eventAdmin 20033 AUTHMGR_TOKEN_ATTRIBUTE_UPDATE

Update Token Attribute

Administrator “{0}” attempted to update attribute for token “{4}” managed in security domain “{5}”

eventAdmin 20034 AUTHMGR_CR_TRUSTED_REALM_CREATE

Create Trusted Realm

Administrator “{0}” attempted to create trusted realm “{4}” stored in identity source “{6}” managed in security domain “{5}”




eventAdmin 20035 AUTHMGR_CTKIP_AUTHCODE_CREATE

Create CTKIP Authcode

Administrator “{0}” attempted to create CTKIP authcode “{4}” managed in security domain “{5}”

eventAdmin 20036 AUTHMGR_CTKIP_AUTHCODE_DELETE

Delete CTKIP Authcode

Administrator “{0}” attempted to delete CTKIP authcode “{4}” managed in security domain “{5}”

eventAdmin 20037 AUTHMGR_CTKIP_AUTHCODE_READ

Read CTKIP Authcode

Administrator “{0}” attempted to read CTKIP authcode “{4}” managed in security domain “{5}”

eventAdmin 20038 AUTHMGR_CTKIP_MANAGEMENT

Manage CTKIP Administrator “{0}” attempted to manage CTKIP “{4}” managed in security domain “{5}”

eventAdmin 20039 AUTHMGR_TOKEN_SET_TOKENCODE_ONLY_PINTYPE

Set Tokencode only

Administrator “{0}” attempted to set tokencode only pintype for token “{4}” managed in security domain “{5}”

eventAdmin 20040 AUTHMGR_TOKEN_SET_PASSCODE_PINTYPE

Set Token Passcode Pin type

Administrator “{0}” attempted to set passcode pin type for token “{4}” in security domain “{5}”




eventAdmin 20041 SYNC_TOKENS Sync Token Administrator “{0}” attempted to sync token “{4}” managed in security domain “{5}”

eventAdmin 20042 READ_AM_TOKEN_EMERGENCY_ACCESS_INFO

Read Token Emergency Access Info

Administrator “{0}” attempted to read token emergency access “{4}” info managed in security domain “{5}”

eventAdmin 20043 READ_TOKEN Read Token Administrator “{0}” attempted to read token “{4}” managed in security domain “{5}”

eventAdmin 20044 UPDATE_AM_TOKEN_OFFLINE_EMERGENCY_ACCESS_INFO

Update Token Offline Emergency Access Info

Administrator “{0}” attempted to update offline emergency acess info for token “{4}” managed in security domain “{5}”

eventAdmin 20045 AM_LINK_TOKEN_PRINCIPAL Link Token with Principal

Administrator “{0}” attempted to link token “{4}” managed in security domain “{5}” with principal “{8}” stored in identity source “{10}” managed in security domain “{9}”




eventAdmin 20046 AM_UNLINK_TOKEN_PRINCIPAL

Unlink Token with Principal

Administrator “{0}” attempted to unlink token “{4}” managed in security domain “{5}” with principal “{8}” stored in identity source “{10}” managed in security domain “{9}”

eventAdmin 20047 AUTHMGR_TOKEN_STAT_SEARCH

Search Token Statistics

Administrator “{0}” attempted to search for token statistics managed in security domain “{5}” with principal “{8}” stored in identity source “{10}” managed in security domain “{9}”

eventAdmin 20048 AUTHMGR_OFFLINE_AUTHN_POLICY_CREATE

Create Offline Authentication Policy

Administrator “{0}” attempted to create offline authentication policy “{4}” managed in security domain “{5}”

eventAdmin 20049 AUTHMGR_OFFLINE_AUTHN_POLICY_DELETE

Delete Offline Authentication Policy

Administrator “{0}” attempted to delete offline authentication policy “{4}” managed in security domain “{5}”




eventAdmin 20050 AUTHMGR_OFFLINE_AUTHN_POLICY_READ

Read Offline Authentication Policy

Administrator “{0}” attempted to read offline authentication policy “{4}” managed in security domain “{5}”

eventAdmin 20051 AUTHMGR_OFFLINE_AUTHN_POLICY_UPDATE

Update Offline Authentication Policy

Administrator “{0}” attempted to update offline authentication policy “{4}” managed in security domain “{5}”

eventAdmin 20052 AUTHMGR_TOKEN_POLICY_CREATE

Create Token Policy

Administrator “{0}” attempted to create token policy “{4}” managed in security domain “{5}”

eventAdmin 20053 AUTHMGR_TOKEN_POLICY_UPDATE

Update Token Policy

Administrator “{0}” attempted to update token policy “{4}” managed in security domain “{5}”

eventAdmin 20054 AUTHMGR_TOKEN_POLICY_DELETE

Delete Token Policy

Administrator “{0}” attempted to delete token policy “{4}” managed in security domain “{5}”

eventAdmin 20055 AUTHMGR_TOKEN_POLICY_READ

Read Token Policy

Administrator “{0}” attempted to read token policy “{4}” managed in security domain “{5}”




eventAdmin 20056 INSUFFICIENT_PRIVILEGE Insufficient Privilege

Administrator “{0}” attempted an action having insufficient privileges

eventAdmin 20057 AUTHMGR_AGENT_GROUP_LINK_UNLINK

Link or Unlink Agent with Group

Administrator “{0}” attempted to link agent “{4}” managed in security domain “{5}” with group “{8}” stored in identity source “{10}” managed in security domain “{9}”

eventAdmin 20058 AUTHMGR_AGENT_GROUP_LINK

Link Agent with Group

Administrator “{0}” attempted to link agent “{4}” managed in security domain “{5}” with group “{8}” stored in identity source “{10}” managed in security domain “{9}”

eventAdmin 20059 AUTHMGR_AGENT_GROUP_UNLINK

UnLink Agent with Group

Administrator “{0}” attempted to unlink agent “{4}” managed in security domain “{5}” with group “{8}” stored in identity source “{10}” managed in security domain “{9}”




eventAdmin 20060 AUTHMGR_AGENT_DISABLE Disable Agent Administrator “{0}” attempted to disable agent “{4}” managed in security domain “{5}”

eventAdmin 20061 AUTHMGR_NODE_SECRET_EXPORTED

Agent Node Secret Export

Administrator “{0}” attempted to export node secret file for agent “{4}” managed in security domain “{5}”

eventAdmin 20062 AUTHMGR_AGENT_MOVED Move Agent Administrator “{0}” attempted to move agent “{4}” managed in security domain “{5}”

eventAdmin 20063 AUTHMGR_AGENT_CLEAR_NODESECRET

Clear Agent Node Secret

Administrator “{0}” attempted to clear node secret for agent “{4}” managed in security domain “{5}”

eventAdmin 20064 AUTHMGR_APS_LOOKUP Lookup Agent Protocol Server

Administrator “{0}” attempted to lookup Agent Protocol Server “{4}” managed in security domain “{5}”

eventAdmin 20065 AUTHMGR_APS_GENERATE_CONFIG

Generate Agent Protocol Server Config

Administrator “{0}” attempted to generate Agent Protocol Server Config “{4}”




eventAdmin 20066 AUTHMGR_APS_CREATE Create Agent Protocol Server

Administrator “{0}” attempted to create Agent Protocol Server “{4}” managed in security domain “{5}”

eventAdmin 20067 AUTHMGR_APS_DELETE Delete Agent Protocol Server

Administrator “{0}” attempted to delete Agent Protocol Server “{4}” managed in security domain “{5}”

eventAdmin 20068 AUTHMGR_APS_UPDATE Update Agent Protocol Server

Administrator “{0}” attempted to update Agent Protocol Server “{4}” managed in security domain “{5}”

eventAdmin 20069 AUTHMGR_APS_LOOKUP_BY_IP

Lookup Agent Protocol Server by IP

Administrator “{0}” attempted to lookup Agent Protocol Server by IP “{4}” managed in security domain “{5}”

eventAdmin 20070 AUTHMGR_APS_LIST_CREATE

Create Agent Protocol Server List

Administrator “{0}” attempted to create Agent Protocol Server list “{4}” managed in security domain “{5}”




eventAdmin 20071 AUTHMGR_APS_LIST_DELETE

Delete Agent Protocol Server List

Administrator “{0}” attempted to delete Agent Protocol Server List “{4}” managed in security domain “{5}”

eventAdmin 20072 AUTHMGR_APS_LIST_UPDATE

Update Agent Protocol Server List

Administrator “{0}” attempted to update Agent Protocol Server List “{4}” managed in security domain “{5}”

eventAdmin 20073 AUTHMGR_APS_LIST_LOOKUP

Lookup Agent Protocol Server List

Administrator “{0}” attempted to lookup Agent Protocol Server List “{4}” managed in security domain “{5}”

eventAdmin 20074 AUTHMGR_HOST_CREATE Create Host Administrator “{0}” attempted to create host “{4}” managed in security domain “{5}”

eventAdmin 20075 AUTHMGR_HOST_DELETE Delete Host Administrator “{0}” attempted to delete host “{4}” managed in security domain “{5}”

eventAdmin 20076 AUTHMGR_HOST_UPDATE Update Host Administrator “{0}” attempted to update host “{4}” managed in security domain “{5}”




eventAdmin 20077 AUTHMGR_HOST_LOOKUP Update Host Administrator “{0}” attempted to lookup host “{4}” managed in security domain “{5}”

eventAdmin 20078 AUTHMGR_HOST_LOOKUP_BY_IP

Update Host By IP

Administrator “{0}” attempted to lookup host by IP “{4}” managed in security domain “{5}”

eventAdmin 20079 AUTHMGR_HOST_LOOKUP_BY_IPPROXY

Update Host By IP Proxy

Administrator “{0}” attempted to lookup host by IP proxy “{4}” managed in security domain “{5}”

eventAdmin 20080 AUTHMGR_HOST_FIND_INSENSITIVE

Find Host Case Insensitive

Administrator “{0}” attempted to find host case insensitive “{4}” managed in security domain “{5}”

eventAdmin 20081 AUTHMGR_FILE_CREATE Create File Data Administrator “{0}” attempted to create file “{4}” managed in security domain “{5}”

eventAdmin 20082 AUTHMGR_FILE_READ Read File Data Administrator “{0}” attempted to read file “{4}” managed in security domain “{5}”




eventAdmin 20083 AUTHMGR_FILE_DELETE Delete File Data Administrator “{0}” attempted to delete file “{4}” managed in security domain “{5}”

eventAdmin 20084 AUTHMGR_FILE_UPDATE Update File Data Administrator “{0}” attempted to update file “{4}” managed in security domain “{5}”

eventAdmin 20085 AUTHMGR_REALM_ADD Create Realm Administrator “{0}” attempted to create realm “{4}” managed in security domain “{5}”

eventAdmin 20086 AUTHMGR_OFFLINE_ADMIN_POLICY_ACTION

Offline Admin Policy Action

Administrator “{0}” attempted to manipulate admin policy “{4}” managed in security domain “{5}”

eventAdmin 20087 AUTH_NODE_SECRET_FILE_DOWNLOADED

Download Agent Node Secret File

Administrator “{0}” attempted to download node secret file for agent “{4}” managed in security domain “{5}”

eventAdmin 20088 AUTHMGR_SERVER_CONFIG_DOWNLOAD

Download Agent Protocol Server Config

Administrator “{0}” attempted to download Agent Protocol Server Config “{4}”




eventAdmin 20089 EXPORT_SOFT_TOKEN Export Soft Token

Administrator “{0}” attempted to export soft token “{4}” managed in security domain “{5}”

eventAdmin 20090 AUTHMGR_SD_PREDELETE_VALIDATION

Validate Predelete Administrator “{0}” attempted to validate predeleted security domain properties

eventAdmin 20091 AUTHMGR_REALM_PREDELETE_TOKEN_ATTR_DELETE

Delete Token attributes from Security Domain

Administrator “{0}” attempted to delete token attributes “{4}” managed in security domain “{5}”

eventAdmin 20092 AUTHMGR_REALM_PREDELETE_TOKEN_DELETE

Delete Token from Security Domain

Administrator “{0}” attempted to delete token “{4}” managed in security domain “{5}”

eventAdmin 20093 AUTHMGR_REALM_PREDELETE_HOST_DELETE

Delete Host from Security Domain

Administrator “{0}” attempted to delete host “{4}” managed in security domain “{5}”

eventAdmin 20094 AUTHMGR_REALM_PREDELETE_AGENT_DELETE

Delete Agent from Security Domain

Administrator “{0}” attempted to delete agent “{4}” managed in security domain “{5}”




eventAdmin 20095 CTKIP_GENERATE_KEY Generate CTKIP Key

Administrator “{0}” attempted to generate CTKIP key for CTKIP data “{4}” managed in security domain “{5}”

eventAdmin 20096 AM_REPORT_GENERATE_PRINCIPAL_NEVER_LOGGED_IN

Principal Never Logged In Report

Attempting to generate a report for principals who have never logged in using their tokens

eventAdmin 20097 AM_REPORT_SECDOMAIN_LOOKUP

Lookup Security Domain for Reporting

Looking up a security domain for reporting

eventAdmin 20098 AM_REPORT_IDENTITY_LOOKUP

Lookup Identity Source for Reporting

Looking up an identity source for reporting

eventAdmin 20099 SD_OAPOL_ASSOC Apply Offline Authentication Policy to Security Domain

Applying an offline authentication policy to a security domain

eventAdmin 20100 SD_OAPOL_DISASSOC Apply Realm Default Offline Authentication Policy to Security Domain

Applying the realm default offline authentication policy to a security domain

eventAdmin 20101 SD_TKNPOL_ASSOC Apply Token Policy to Security Domain

Applying a token policy to a security domain

eventAdmin 20102 SD_TKNPOL_DISASSOC Apply Realm Default Token Policy to Security Domain

Applying the realm default token policy to a security domain




eventAdmin 20103 AM_TOKEN_GENERATE_ONLINE_EA

Generate Emergency Access Code

Administrator “{0}” attempted to generate an emergency access code for principal “{4}” stored in identity source “{6}” managed in security domain “{5}”

eventAdmin 20104 AUTHMGR_APS_SYNCHRONIZATION

Agent Protocol Server Synchronization

Administrator “{0}” attempted to synchronize agent protocol servers

eventAdmin 20105 LINK_UNLINK_TOKEN_PRINCIPAL

Link or Unlink Token and Principal

Administrator “{0}” attempted to link or unlink token “{4}” managed in security domain “{5}” with principal “{8}” stored in identity source “{10}” managed in security domain “{9}”

eventAdmin 20106 MIGRATION_INSUFFICIENT_PRIVILEGE

Migration Inusfficient Privilege

Administrator “{0}” does not have sufficient privileges to perform migration

eventAdmin 20107 AUTHMGR_CREATE_GROUP_RESTRICTED_ACCESS_HOURS

Create Time Restricted Access Hours

Administrator “{0}” attempted to create Time Restricted Access Hours “{4}” managed in security domain “{5}”




eventAdmin 20108 AUTHMGR_UPDATE_GROUP_RESTRICTED_ACCESS_HOURS

Update Time Restricted Access Hours

Administrator “{0}” attempted to update Time Restricted Access Hours “{4}” managed in security domain “{5}”

eventAdmin 20109 AUTHMGR_READ_GROUP_RESTRICTED_ACCESS_HOURS

Read Time Restricted Access Hours

Administrator “{0}” attempted to read Time Restricted Access Hours “{4}” managed in security domain “{5}”

eventAdmin 20110 TRUSTED_USER_GROUP_CREATE

Create Trusted User Group

Administrator “{0}” attempted to create Trusted User Group “{4}” stored in identity source “{6}” managed in security domain “{5}”

eventAdmin 20111 TRUSTED_USER_GROUP_UPDATE

Update Trusted User Group

Administrator “{0}” attempted to update Trusted User Group “{4}” stored in identity source “{6}” managed in security domain “{5}”

eventAdmin 20112 TRUSTED_USER_GROUP_DELETE

Delete Trusted User Group

Administrator “{0}” attempted to delete Trusted User Group “{4}” stored in identity source “{6}” managed in security domain “{5}”




eventAdmin 20113 TRUSTED_USER_GROUP_READ

Lookup a Trusted User Group

Administrator looked up a trusted user group

eventAdmin 20114 TRUSTED_USER_GROUP_REMOTE_PRINCIPAL_LINK

Link a Trusted User Group to a Trusted User

Administrator “{0}” attempted to link trusted user “{4}” stored in identity source “{6}” managed in security domain “{5}” with trusted user group “{8}” stored in identity source “{10}” managed in security domain “{9}”

eventAdmin 20115 TRUSTED_USER_GROUP_AGENT_UNLINK

Unlink a Trusted User Group to an Agent

Administrator “{0}” attempted to unlink agent “{4}” managed in security domain “{5}” with trusted user group “{8}” stored in identity source “{10}” managed in security domain “{9}”

eventAdmin 20116 TRUSTED_USER_GROUP_PROFILE_LINK_UNLINK

Link a Trusted User Group to a Profile

Administrator linked a trusted user group to a profile

eventAdmin 20117 REMOTE_PRINCIPAL_CREATE Create Trusted User

Administrator “{0}” attempted to create trusted user “{4}” for trusted realm “{11}” managed in local security domain “{5}”




eventAdmin 20118 REMOTE_PRINCIPAL_UPDATE Update Trusted User

Administrator “{0}” attempted to update trusted user “{4}” for trusted realm “{11}” managed in local security domain “{5}”

eventAdmin 20119 REMOTE_PRINCIPAL_DELETE Delete Trusted User

Administrator “{0}” attempted to delete trusted user “{4}” for trusted realm “{11}” managed in local security domain “{5}”

eventAdmin 20120 REMOTE_PRINCIPAL_READ Look up Trusted User

Administrator “{0}” attempted to look up trusted user “{4}” for trusted realm “{11}” managed in local security domain “{5}”

eventAdmin 20121 AM_TIME_RESTRICTED_ACCESS_ADD

Add Time Restricted Access to a Group

Administrator “{0}” added Time Restricted Access to Group “{4}” stored in identity source “{6}” managed in security domain “{5}”

eventAdmin 20122 AM_TIME_RESTRICTED_ACCESS_UPDATE

Update Time Restricted Access for a Group

Administrator “{0}” updated Time Restricted Access for Group “{4}” stored in identity source “{6}” managed in security domain “{5}”




eventAdmin 20123 AM_TIME_RESTRICTED_ACCESS_DELETE

Delete Time Restricted Access from a Group

Administrator “{0}” deleted Time Restricted Access from Group “{4}” stored in identity source “{6}” managed in security domain “{5}”

eventAdmin 20124 AUTHMGR_TOKENTYPES_MANAGEMENT

Manage TokenType and SoftTokenDeviceType

Administrator “{0}” attempted to manage TokenType and SoftTokenDeviceType “{4}” managed in security domain “{5}”

eventAdmin 20125 AUTHMGR_SELFSERVICETOKEN_MANAGEMENT

Manage SelfServiceToken

Administrator “{0}” attempted to manage SelfServiceToken

eventAdmin 20126 REMOTE_PRINCIPAL_ATTR_VALUE_CREATE

Create a Trusted User Attribute

Administrator created a trusted user Attribute

eventAdmin 20127 REMOTE_PRINCIPAL_ATTR_VALUE_UPDATE

Update a Trusted User Attribute

Administrator updated a trusted User Attribute

eventAdmin 20128 REMOTE_PRINCIPAL_ATTR_VALUE_DELETE

Delete a Trusted User Attribute

Administrator deleted a trusted user Attribute

eventAdmin 20129 REMOTE_PRINCIPAL_ATTR_VALUE_READ

Look up a Trusted User Attribute

Administrator looked up a trusted user Attribute




eventAdmin 20130 DISABLE_EMERGENCY_ACCESS

Disabled emergency access

Administrator “{0}” disabled emergency access for the token “{4}” managed in security domain “{5}” that belongs to the principal “{8}” stored in identity source “{10}” and managed in security domain “{9}”.

eventAdmin 20131 ENABLED_EA_FIXED_TOKENCODE

Token marked as lost. Enabled emergency access fixed token code.

Administrator “{0}” marked token “{4}” managed in security domain “{5}” that belongs to the principal “{8}” stored in identity source “{10}” and managed in security domain “{9}” as lost. Enabled emergency access fixed token code.




eventAdmin 20132 ENABLED_EA_ONE_TIME_TOKENCODE

Token marked as lost. Enabled emergency access one time token code.

Administrator “{0}” marked token “{4}” managed in security domain “{5}” that belongs to the principal “{8}” stored in identity source “{10}” and managed in security domain “{9}” as lost. Enabled emergency access one time token code.

eventAdmin 20133 UPDATE_EA_FIXED_TOKENCODE

Updated emergency access fixed token code.

Administrator “{0}” updated emergency access fixed token code for the token “{4}” managed in security domain “{5}” that belongs to the principal “{8}” stored in identity source “{10}” and managed in security domain “{9}”.




eventAdmin 20134 UPDATE_EA_ONE_TIME_TOKENCODE

Updated emergency access one time token code.

Administrator “{0}” updated emergency access one time token code for the token “{4}” managed in security domain “{5}” that belongs to the principal “{8}” stored in identity source “{10}” and managed in security domain “{9}”.

eventAdmin 20135 GENERATED_EA_FIXED_TOKENCODE

Generated emergency access fixed token code.

Administrator “{0}” generated emergency access fixed token code for the token “{4}” managed in security domain “{5}”.

eventAdmin 20136 GENERATED_EA_ONE_TIME_TOKENCODE

Generated emergency access one time token code.

Administrator “{0}” generated emergency access one time token code for the token “{4}” managed in security domain “{5}”.

eventAdmin 20137 TRUSTED_USER_GROUP_ACCESS_HOURS_LINK_UNLINK

Link a Trusted User Group to a Time Restricted Access Hours

Administrator linked a trusted user group to a time restricted access hours




eventAdmin 20138 AM_LINK_SOFT_TOKEN_DEVICE_TYPE

Link Software Token with Software Token Device Type Definition

Administrator “{0}” attempted to link software token “{4}” managed in security domain “{5}” with software token device type definition “{8}” stored in system

eventAdmin 20139 AM_UNLINK_SOFT_TOKEN_DEVICE_TYPE

Unlink Software Token from Software Token Device Type Definition

Administrator “{0}” attempted to unlink software token “{4}” managed in security domain “{5}” with software token device type definition “{8}” stored in system

eventAdmin 20140 AM_TURN_ON_EVENTTOKEN_DB_RECOVERY

Turn on the database recovery mode for event-based tokens

Administrator “{0}” attempted to turn on event token database recovery mode

eventAdmin 20141 AM_TURN_OFF_EVENTTOKEN_DB_RECOVERY

Turn off the database recovery mode for event-based tokens

Administrator “{0}” attempted to turn off event token database recovery mode

eventAdmin 20142 AM_RADIUS_ATTRDEF_CREATE

Create new RADIUS Attribute Definition

Administrator “{0}” attempted to create a new RADIUS Attribute Definition

eventAdmin 20143 AM_RADIUS_ATTRDEF_UPDATE

Update a RADIUS Attribute Definition

Administrator “{0}” attempted to update a RADIUS Attribute Definition




eventAdmin 20144 AM_RADIUS_ATTRDEF_DELETE

Delete a RADIUS Attribute Definition

Administrator “{0}” attempted to delete a RADIUS Attribute Definition

eventAdmin 20145 AM_RADIUS_ATTRDEF_READ View RADIUS Attribute Definition

Administrator “{0}” attempted to view a RADIUS Attribute Definition

eventAdmin 20146 DISTRIBUTE_SOFT_TOKEN_CTKIP

Distribute Soft Token through CT-KIP

Administrator “{0}” attempted to distribute software token “{4}” through CT-KIP managed in security domain “{5}”

eventAdmin 20147 AM_ENABLE_PRINCIPAL_FOR_SMS

Enabled Principal for On-Demand Authentication

Administrator “{0}” attempted to enable principal “{4}” stored in identity source “{6}” managed in security domain “{5}” for On-Demand Authentication

eventAdmin 20148 AM_DISABLE_PRINCIPAL_FOR_SMS

Disabled Principal for On-Demand Authentication

Administrator “{0}” attempted to disable principal “{4}” stored in identity source “{6}” managed in security domain “{5}” for On-Demand Authentication




eventAdmin 20149 AM_RADIUS_ATTRVAL_MANAGE

Manage RADIUS Attribute Values

Administrator “{0}” modified RADIUS Attribute Values for principal “{4}” stored in identity source “{6}” managed in security domain “{5}”

eventAdmin 20150 AM_UPDATE_SMS_FOR_PRINCIPAL

Updated On-Demand Authentication Attributes for Principal

Administrator “{0}” attempted to update On-Demand Authentication for principal “{4}” stored in identity source “{6}” managed in security domain “{5}”

eventAdmin 20151 MANAGE_SMS_AUTHENTICATOR

Manage On-Demand Authenticator

Administrator “{0}” attempted to manage On-Demand Authenticator for principal “{4}” stored in identity source “{6}” managed in security domain “{5}”

eventAdmin 20152 MANAGE_SMS_PIN Update On-Demand PIN

Administrator “{0}” attempted to set On-Demand PIN for principal “{4}” stored in identity source “{6}” managed in security domain “{5}”




eventAdmin 20153 IMPORT_SOFT_TOKEN_DEVICE_TYPE

Import Software Token Device Definition

Administrator “{0}” attempted to import new software token device definition package file

eventAdmin 20154 AM61_MIGRATED_LOG_MESSAGE

AM61 Migrated log message


eventAdmin 20155 MANAGE_PUK_LOOKUP Manage Pin Unlock Key (PUK)

Administrator “{0}” attempted to lookup PUK data for token “{4}” managed in security domain “{5}”

eventAdmin 20156 AM_TOKEN_ATTRDEF_CREATE

Create new Token Attribute Definition

Administrator “{0}” attempted to create a new Token Attribute Definition

eventAdmin 20157 AM_TOKEN_ATTRDEF_UPDATE

Update a Token Attribute Definition

Administrator “{0}” attempted to update a Token Attribute Definition

eventAdmin 20158 AM_TOKEN_ATTRDEF_DELETE

Delete a Token Attribute Definition

Administrator “{0}” attempted to delete a Token Attribute Definition

eventAdmin 20159 AM_TOKEN_ATTRDEF_READ View Token Attribute Definition

Administrator “{0}” attempted to view a Token Attribute Definition




eventAdmin 20160 REALM_SETTINGS_CREATE Create Realm Settings

Administrator “{0}” attempted to create Realm Settings for security domain “{5}”

eventAdmin 20161 REALM_SETTINGS_DELETE Delete Realm Settings

Administrator “{0}” attempted to delete Realm Settings for security domain “{5}”

eventAdmin 20162 REALM_SETTINGS_UPDATE Update Realm Settings

Administrator “{0}” attempted to update Realm Settings “{11}” for security domain “{5}”

eventAdmin 20163 REALM_SETTINGS_READ Lookup Realm Settings

Administrator “{0}” attempted to look up Realm Settings for security domain “{5}”

eventAdmin 20164 AM_RADIUS_CREATE_CLIENT

Create RADIUS Client

Administrator “{0}” attempted to create RADIUS client “{4}” stored in managed in security domain “{5}”

eventAdmin 20165 AM_RADIUS_VIEW_CLIENT View RADIUS Client

Administrator “{0}” attempted to view RADIUS client “{4}” stored in managed in security domain “{5}”




eventAdmin 20166 AM_RADIUS_UPDATE_CLIENT

Update RADIUS Client

Administrator “{0}” attempted to update RADIUS client “{4}” managed in security domain “{5}”

eventAdmin 20167 AM_RADIUS_DELETE_CLIENT

Delete RADIUS Client

Administrator “{0}” attempted to delete RADIUS client “{4}” managed in security domain “{5}”

eventAdmin 20168 AM_RADIUS_CREATE_PROFILE

Create RADIUS Profile

Administrator “{0}” attempted to create RADIUS profile “{4}” managed in security domain “{5}”

eventAdmin 20169 AM_RADIUS_VIEW_PROFILE View RADIUS Profile

Administrator “{0}” attempted to view RADIUS profile “{4}” managed in security domain “{5}”

eventAdmin 20170 AM_RADIUS_UPDATE_PROFILE

Update RADIUS Profile

Administrator “{0}” attempted to update RADIUS profile “{4}” managed in security domain “{5}”

eventAdmin 20171 AM_RADIUS_DELETE_PROFILE

Delete RADIUS Profile

Administrator “{0}” attempted to delete RADIUS profile “{4}” managed in security domain “{5}”




eventAdmin 20172 AM_RADIUS_CREATE_SERVER

Create RADIUS Server

Administrator “{0}” attempted to create RADIUS server “{4}” managed in security domain “{5}”

eventAdmin 20173 AM_RADIUS_VIEW_SERVER View RADIUS Server

Administrator “{0}” attempted to view RADIUS server “{4}” managed in security domain “{5}”

eventAdmin 20174 AM_RADIUS_UPDATE_SERVER

Update RADIUS Server

Administrator “{0}” attempted to update RADIUS server “{4}” managed in security domain “{5}”

eventAdmin 20175 AM_RADIUS_DELETE_SERVER

Delete RADIUS Server

Administrator “{0}” attempted to delete RADIUS server “{4}” managed in security domain “{5}”

eventAdmin 20176 AM_RADIUS_CREATE_POLICY

Create RADIUS Realm Settings

Administrator “{0}” attempted to create RADIUS Realm settings “{4}” managed in security domain “{5}”

eventAdmin 20177 AM_RADIUS_VIEW_POLICY View RADIUS Realm Settings

Administrator “{0}” attempted to view RADIUS Realm settings “{4}” managed in security domain “{5}”




eventAdmin 20178 AM_RADIUS_UPDATE_POLICY

Update RADIUS Realm Settings

Administrator “{0}” attempted to update RADIUS Realm settings “{4}” managed in security domain “{5}”

eventAdmin 20179 AM_RADIUS_DELETE_POLICY

Delete RADIUS Realm settings

Administrator “{0}” attempted to delete RADIUS Realm settings “{4}” managed in security domain “{5}”

eventAdmin 20180 AM_RADIUS_LINK_PROFILE_AGENT

Assign RADIUS Profile to Agent

Administrator “{0}” attempted to assign RADIUS profile “{4}” to Agent “{8}” managed in security domain “{5}”

eventAdmin 20181 AM_RADIUS_LINK_PROFILE_PRINCIPAL

Assign RADIUS Profile to Principal

Administrator “{0}” attempted to assign RADIUS profile “{4}” to Principal “{8}” stored in identity source “{6}” managed in security domain “{5}”

eventAdmin 20182 AM_RADIUS_UNLINK_PROFILE_AGENT

Unassign RADIUS Profile from Agent

Administrator “{0}” attempted to unassign RADIUS profile from Agent “{4}” managed in security domain “{5}”




eventAdmin 20183 AM_RADIUS_UNLINK_PROFILE_PRINCIPAL

Unassign RADIUS Profile from Principal

Administrator “{0}” attempted to unassign RADIUS profile from Principal “{4}” stored in identity source “{6}” managed in security domain “{5}”

eventAdmin 20184 AM_RADIUS_REPLICATION_PUBLISH

Initiate RADIUS Replication

Administrator “{0}” attempted to initiate replication of RADIUS data in security domain “{5}”

eventAdmin 20185 AM_RADIUS_REPLICATION_NOTIFY

Notify Server for RADIUS Replication

Administrator “{0}” attempted to initiate RADIUS replication in security domain “{5}”

eventAdmin 20186 AM_RADIUS_LINK_PROFILE_PRINCIPAL_ALIAS

Assign RADIUS Profile to Principal Alias

Administrator “{0}” attempted to assign RADIUS profile “{4}” to Principal “{8}” Alias “{11}” stored in identity source “{6}” managed in security domain “{5}”

eventAdmin 20187 AM_RADIUS_UNLINK_PROFILE_PRINCIPAL_ALIAS

Unassign RADIUS Profile from Principal Alias

Administrator “{0}” attempted to unassign RADIUS profile from Principal “{4}” Alias “{11}” managed in security domain “{5}”




eventAdmin 20188 AM_ON_DEMAND_CONFIGURATION_UPDATE

Update On-Demand Configuration

Administrator “{0}” attempted to update On-Demand configuration in realm “{5}”

eventAdmin 20189 AM_ACTIVITY_MONITOR_READ

Read Activity Monitor

Administrator “{0}” attempted to read activity monitor

eventAdmin 20190 TRANSMIT_TEST_TXT_MSG_SMS

Test SMS Provider Integration

Attempted to transmit text message to “{4}” to test integration with provider “{11}”

eventAdmin 20191 RESYNC_AM_TOKEN Resynchronize Token

Administrator “{0}” attempted to resynchronize token “{4}” managed in security domain “{5}”

eventAdmin 20192 AM_APS_AUTO_REG_ENABLED

Enable Agent Auto-registration

Administrator “{0}” enabled Agent Auto-registration

eventAdmin 20193 AM_APS_AUTO_REG_DEFAULT_REALM

Agent Auto-registratrion Default Realm

Administrator “{0}” updated Agent Auto-registration's Default Realm

eventAdmin 20194 AM_APS_AUTO_REG_PROTOCOL

Agent Auto-registratrion Protocol

Administrator “{0}” updated Agent Auto-registratrion Protocol




eventAdmin 20195 AM_APS_AUTO_REG_SVC_NAME

Agent Auto-registratrion Service name

Administrator “{0}” updated Agent Auto-registratrion Service name

eventAdmin 20196 AM_APS_AUTO_REG_PORT_NUMBER

Agent Auto-registratrion port number

Administrator “{0}” updated Agent Auto-registration port number

eventAdmin 20197 AM_EAP32_PEPPER_MIN EAP32 minimun pepper length

Administrator “{0}” updated EAP32 minimum pepper length

eventAdmin 20198 AM_EAP32_PEPPER_MAX EAP32 maximum pepper length

Administrator “{0}” updated EAP32 maximum pepper length

eventAdmin 20199 AM_EAP32_PEPPER_LIFETIME

EAP32 pepper lifetime

Administrator “{0}” updated EAP32 pepper lifetime

eventAdmin 20200 AM_EAP32_PEPPER_REFRESH EAP32 pepper refresh interval

Administrator “{0}” updated EAP32 pepper refresh interval

eventAdmin 20201 AM_EAP32_ITERATION_COUNT_MIN

EAP32 minimum iteration count

Administrator “{0}” updated EAP32 minimum iteration count

eventAdmin 20202 AM_EAP32_ITERATION_COUNT_MAX

EAP32 maximum iteration count

Administrator “{0}” updated EAP32 maximum iteration count

eventAdmin 20203 AM_EVENT_TOKEN_DB_RECOVERY_START_ON

Event Token db recovery start on

Administrator “{0}” updated Event Token db recovery starton date




eventAdmin 20204 AM_EVENT_TOKEN_DB_RECOVERY_ENABLED

Enable Event Token db recovery

Administrator “{0}” enabled Event Token db recovery

eventAdmin 20205 AM_EVENT_TOKEN_DB_RECOVERY_END_ON

Event Token db recovery end on

Administrator “{0}” updated Event Token db recovery endon date

eventAdmin 20206 AM_CTKIP_SERVICE_SERVER_URL

CTKIP Service Server URL

Administrator “{0}” updated CTKIP Service Server URL

eventAdmin 20207 AM_CTKIP_SERVICE_SERVER_ADDRESS

CTKIP Service Server address

Administrator “{0}” updated CTKIP Service Server address

eventAdmin 20208 AM_OFFLINE_AUTH_SVC_PROTOCOL

Offline Auth Service protocol

Administrator “{0}” updated Offline Auth Service protocol

eventAdmin 20209 AM_OFFLINE_AUTH_PORT_NUMBER

Offline Auth Port number

Administrator “{0}” updated Offline Auth Port number

eventAdmin 20210 AM_OFFLINE_AUTH_SVC_NAME

Offline Auth Service name

Administrator “{0}” updated Offline Auth Service name

eventAdmin 20211 AM_APS_AUTH_SVC_PROTOCOL

APS Authentication service protocol

Administrator “{0}” updated Authentication service protocol

eventAdmin 20212 AM_APS_PORT_NUMBER APS Authentication port number

Administrator “{0}” updated Authentication port number




eventAdmin 20213 AM_APS_CLIENT_RESPONSE_DELAY

APS Authentication client response delay

Administrator “{0}” updated Authentication client response delay

eventAdmin 20214 AM_CONFIGURATION_UPDATE_FAILED

Failed to update AM configuration

Administrator “{0}” failed to update AM configuration

eventAdmin 20215 AM_APS_AUTO_REG_DISABLED

Disable Agent Auto-registration

Administrator “{0}” disabled Agent Auto-registration

eventAdmin 20216 AM_EVENT_TOKEN_DB_RECOVERY_DISABLED

Disable Event Token db recovery

Administrator “{0}” disabled Event Token db recovery

eventAdmin 20217 ACTIVATE_BCO Activate Business Continuity

Administrator “{0}” attempted to activate business continuity “{4}” managed in security domain “{5}”

eventAdmin 20218 MANAGE_NTLM2UPN_MAPPINGS

Manage NTLM2UPN mappings

Administrator “{0}” attempted to manage(add/delete/update) NTLM2UPN mappings

eventAdmin 20219 DOWNLOADED_EA_ONE_TIME_TOKENCODE_TO_FILE

File Download Downloaded Generated emergency access one time token code for the token “{4}” to file.




eventAdmin 20220 TRUSTED_USER_GROUP_REMOTE_PRINCIPAL_UNLINK

Unlink a Trusted User Group to a Trusted User

Administrator “{0}” attempted to unlink trusted user “{4}” stored in identity source “{6}” managed in security domain “{5}” with trusted user group “{8}” stored in identity source “{10}” managed in security domain “{9}”

eventAdmin 20221 TRUSTED_USER_GROUP_AGENT_LINK

Link a Trusted User Group to an Agent

Administrator “{0}” attempted to link agent “{4}” managed in security domain “{5}” with trusted user group “{8}” stored in identity source “{10}” managed in security domain “{9}”

eventAdmin 20222 MANAGE_PUK_IGNORE Manage Pin Unlock Key (PUK)

Administrator “{0}” attempted to import PUK data for token “{4}” managed in security domain “{5}” but a record already exists.

eventAdmin 20223 MANAGE_PUK_REPLACE Manage Pin Unlock Key (PUK)

Administrator “{0}” attempted to replace PUK data for token “{4}” managed in security domain “{5}”




eventAdmin 20224 MANAGE_PUK_IMPORT Manage Pin Unlock Key (PUK)

Administrator “{0}” attempted to import PUK data for token “{4}” managed in security domain “{5}”

eventAdmin 20225 DEACTIVATE_BCO Deactivate Business Continuity

Business Continuity Option “{4}” expired in Security Domain “{5}”

eventAdmin 20226 PIN_UNBLOCK Pin Unblock Administrator “{0}” attempted to perform pin unblock for token “{4}”

eventAdmin 20231 AUTHMGR_CTKIP_AUTHCODE_UPDATE

Update CTKIP Authcode

Administrator “{0}” attempted to update CTKIP authcode “{4}” managed in security domain “{5}”

eventAdmin 20230 CREATE_BACKUP_ATTEMPT Create Backup Attempt

Administrator “{0}” attempted to create a backup.

eventAdmin 20227 CREATE_BACKUP Create Backup Administrator “{0}” created a backup.

eventAdmin 20234 AM_EAP32_SESSION_RESUMPTION_ENABLED

Enable EAP-POTP session resumption

Administrator “{0}” enabled EAP-POTP session resumption

eventAdmin 20235 AM_EAP32_SESSION_RESUMPTION_DISABLED

Disable EAP-POTP session resumption

Administrator “{0}” disabled EAP-POTP session resumption




eventAdmin 20236 AM_PERIODIC_RADIUS_REPLICATION_ENABLED

Enabled periodic RADIUS Replication

Administrator “{0}” enabled periodic RADIUS Replication

eventAdmin 20237 AM_PERIODIC_RADIUS_REPLICATION_DISABLED

Disabled periodic RADIUS Replication

Administrator “{0}” disabled periodic RADIUS Replication

eventAdmin 20238 AM_GENERATE_REPLICA_PKG

Replica Package Generation

Administrator “{0}” attempted to generate replica package

eventAdmin 20239 EXPORT_DATA_TO_FILE Export Data to file

Administrator “{0}” attempted to export data to the file “{11}”.

eventAdmin 20240 GENERATE_EXPORT_SECURITY_PACKAGE

Generate Export Security Package

Administrator “{0}” attempted to generate and download export security package.

eventAdmin 20241 AM_START_REPLICA_ATTACH

Start Replica Attach

Administrator “{0}” attempted to start attaching the replica “{4}”

eventAdmin 20242 IMPORT_DATA_FROM_FILE Import Users and Tokens from file

Administrator “{0}” attempted to import users and tokens from the file “{11}”.

eventAdmin 20243 IMPORT_TOKEN_FROM_EXPORTED_DATA

Import Token from exported data

Administrator “{0}” attempted to import token “{4}” from exported data file.

eventAdmin 20244 IMPORT_USER_FROM_EXPORTED_DATA

Import User from exported data

Administrator “{0}” attempted to import user “{4}” from exported data file.




eventAdmin 30001 UCM_REQUEST_CREATE Create a UCM Request

Administrator attempted to create ucm request

eventAdmin 30002 UCM_REQUEST_APPROVE Approve a UCM Request

Administrator attempted to approve a ucm request

eventAdmin 30003 UCM_REQUEST_DISTRIBUTE Distribute a UCM Request

Administrator attempted to distribute a ucm request

eventAdmin 30004 UCM_REQUEST_REJECT Reject a UCM Request

Administrator attempted to reject a ucm request

eventAdmin 30005 UCM_REQUEST_CANCEL Cancel a UCM Request

Administrator attempted to cancel a ucm request

eventAdmin 30006 UCM_REQUEST_UPDATE Update a UCM Request

Administrator attempted to update a ucm request

eventAdmin 30007 UCM_TOKEN_PIN_CHANGE Change Token Pin through UCM

Administrator attempted to change token pin through UCM

eventAdmin 30008 UCM_MAIL_RESEND Resend Last Mail Administrator attempted to resend the last mail

eventAdmin 30009 UCM_PIN_UNBLOCK Unblock Smart Card

User attempted to unblock smart card

eventAdmin 30010 UCM_RESET_PASSWORD Reset Password User attempted to reset their password

eventAdmin 30011 UCM_RESYNC_TOKEN Resync Token User attempted to resync their token




eventAdmin 30012 UCM_PLACE_TOKEN_EA_MODE

Place Token in EA Mode

User attempted to place token in EA mode

eventAdmin 30013 UCM_SMS_DELIVERY_CHANGE

Change SMS Delivery Option

User attempted to change SMS delivery options

eventAdmin 30014 UCM_UPDATE_USER_ATTRIBUTES

Update User Attributes

User attempted to update their attributes

eventAdmin 30015 UCM_CLEAR_RBA_DEVICES Clear RBA Devices

User attempted to clear their RBA devices

eventAdmin 30016 UCM_SEND_END_USER_NOTIFICATION

Send an End-User Notification

A notification has been sent to the user

eventAdmin 30017 UCM_UPDATE_USER_GROUPS

Update User Groups

User attempted to update their user groups

eventAdmin 30018 UCM_SET_REALM_PREFERENCES

Set Realm Preferences Actio

Admin attempted to set UCM realm preferences.

eventAdmin 30019 UCM_GET_REALM_PREFERENCES

Get Realm Preferences Action

Admin attempted to get UCM realm preferences.

eventAdmin 30020 UCM_UPDATE_SMART_CARD_CONFIG

Update UCM Smart Card Action

eventAdmin 30021 UPDATE_SHIPPING_ADDRESS_CONFIGURATION

update UCM Shipping Address Configuration Action Key.

eventAdmin 30022 UCM_IDENTITY_SOURCE_UPDATE

update UCM Identity Source System Action Key.




eventAdmin 30023 UCM_SECURITY_DOMAIN_UPDATE

update UCM security Domain System Action Key.

eventAdmin 30024 UCM_USER_PROFILE_UPDATE

update UCM User Profile System Action Key.

eventAdmin 30025 UCM_USER_GROUP_UPDATE update UCM User Group System Action Key.

eventAdmin 30026 UCM_MAIL_NOTIFICATION_TEMPLATE_UPDATE

update UCM mail notification template Action Key.

eventAdmin 30027 UCM_AUTHENTICATION_CONFIGURATION_UPDATE

update UCM authentication configuration Action Key.

eventAdmin 30028 UCM_SELFSERVICE_OPERATION_MAPPING_UPDATE

update UCM workflow definition Action Key.

eventAdmin 30029 UCM_USER_GROUP_RETRIEVE

Retrieve UCM User Group System Action Key.

eventAdmin 30030 UCM_SECURITY_DOMAIN_RETRIEVE

Retrieve UCM security Domain System Action Key.

eventAdmin 30031 UCM_IDENTITY_SOURCE_RETRIEVE

Retrieve UCM Identity Source System Action Key.




eventAdmin 30032 UCM_USER_PROFILE_RETRIEVE

Retrieve UCM User Profile System Action Key.

eventAdmin 30033 SHIPPING_ADDRESS_CONFIGURATION_RETRIEVE

Retrieve Shipping Address Configuration Action Key.

eventAdmin 30034 UCM_REQUEST_RETRIEVE Retrieve a UCM Request.

eventAdmin 30035 UCM_WORKITEM_COMPLETE Create a UCM Request.

eventAdmin 30036 UCM_SEARCH_REQUESTS_BY_ATTRIBUTE

Search Requests by Attribute Action Key

eventAdmin 30037 UCM_COMPLETE_WORKFLOW_REQUEST

Complete Workflow Request Action Key

eventAdmin 30038 UCM_GET_WORKFLOWS Get Workflows Action Key

eventAdmin 30039 UCM_GET_WORKFLOW_REQUESTS

Get Workflows Requests Action Key

eventAdmin 30040 UCM_GET_WORKFLOW_REQUEST_ACTIONS

Get Workflows Request Actions Action Key

eventAdmin 30041 UCM_GET_WORKFLOW_PROCESSES

Get Workflow Processes Action Key

eventAdmin 30042 UCM_UPDATE_WORKFLOW_REQUEST

Update Workflow Request Action Key

eventAdmin 30043 UCM_MAIL_NOTIFICATION_TEMPLATE_ADD

Add UCM mail notification template Action Key.




eventAdmin 30044 UCM_PROCESS_DEFINITON_UPDATE

Update UCM process definition Action Key.

eventAdmin 30045 UCM_SHIPPING_ADDRESS_UPDATE

update UCM Shipping Address Attribute Definition System Action Key.

eventAdmin 30046 UCM_PROCESS_DEFINITON_RETRIEVE

Retrieve UCM process definition Action Key.

eventAdmin 30047 UCM_RETRIEVE_CONFIGURATION

Retrieve UCM configuration Action Key.

eventAdmin 30048 UCM_REQUEST_AUTO_APPROVE

Auto-approve a Self-Service Request

eventAdmin 30049 UCM_ACTIVATE_TOKEN Activate Token

eventAdmin 30050 UCM_ACTIVATE_REPLACEMENT_TOKEN

Activate Replacement Token

eventAdmin 30051 UCM_ASSIGN_REPLACEMENT_TOKEN

Assign Replacement Token

eventAdmin 30052 UCM_CHANGE_SMS_PIN Change SMS Pin

eventAdmin 30053 UCM_ASSIGN_SMS_TOKEN Assign On-Demand Token

eventAdmin 30054 UCM_ASSIGN_TOKEN Assign Token

eventAuthn 13001 AUTHN_LOGOUT_EVENT Principal session logout

User “{0}” attempted to log out of security domain “{1}” in identity source “{2}”




eventAuthn 13002 AUTHN_LOGIN_EVENT Principal authentication

User “{0}” attempted to authenticate using authenticator “{6}”. The user belongs to security domain “{1}”

eventAuthn 13003 AUTHN_LOCKOUT_EVENT Principal lockout User “{0}” from security domain “{1}” in identity source “{2}” is locked out

eventAuthn 13004 ADD_DEVICE_BINDING Register new device for principal

A new device was saved to the RBA device history for user “{0}” from security domain “{1}” in identity source “{2}”.

eventAuthn 13005 OC_ADMIN_LOGOUT_EVENT OC Admin session logout

Operations Console admin “{0}” attempted to log out of Operations Console

eventAuthn 13006 OC_ADMIN_LOGIN_EVENT OC Admin authentication

Operations Console admin “{0}” attempted to authenticate to Operations Console

eventAuthn 13007 PROXY_LOGIN_EVENT Authentication request

The authentication request was routed through “{9}”.




eventAuthn 13008 DEVICE_ELEMENTS_NOT_BOUND

Device elements not bound for principal

User “{0}” from security domain “{1}” in identity source “{2}” must provide an identity confirmation before he can achieve a higher assurance level for this device. If the user has not already configured an identity confirmation method then you may need to take action.

eventAuthn 23001 AUTH_UDP_PACKET_PROCESSING

Authentication packet processing

Processing authentication packet from agent “{3}” with IP address “{4}” in security domain “{5}”

eventAuthn 23002 AUTH_UNSUPPORTED_PROTOCOL

Received unsupported request

Received unsupported request from agent “{3}” with IP address “{4}” in security domain “{5}”. Request type: “{18}”

eventAuthn 23003 AUTH_LOG_REQUEST Authentication log request

Log request received from agent “{3}” with IP address “{4}” in security domain “{5}”




eventAuthn 23004 AUTH_AGENT_ACCESS_CHECK

Authentication agent access check

Verifying user “{0}” in security domain “{1}” from identity source “{2}” is allowed access to agent “{3}” with IP address “{4}” in security domain “{5}”

eventAuthn 23005 AUTH_NODE_VERIFICATION Node secret verification

Verifying node secret for the agent “{3}” with IP address “{4}” in security domain “{5}”

eventAuthn 23006 AUTH_NODE_SECRET_SENT Node secret sent Node secret sent to agent “{3}” with IP address “{4}” in security domain “{5}”

eventAuthn 23007 AUTH_SECONDARY_SEGMENT_PROCESSING_FAILURE

Secondary segment processing failed

Unable to process secondary segments for request from agent “{3}” with IP address “{4}” in security domain “{5}”. Secondary segment request will be ignored

eventAuthn 23008 AUTH_PRINCIPAL_RESOLUTION

Resolve principal by userid/alias

Attempting to resolve user by userid or alias “{0}”. Request originated from agent “{3}” with IP address “{4}” in security domain “{5}”




eventAuthn 23009 AUTH_SESSION_OPEATION_FAILURE

Session operation failure

Session operation failure processing request from agent “{3}” with IP address “{4}” in security domain “{5}”

eventAuthn 23010 AUTH_NEW_PIN_CANCELLED

New pin cancelled for user

New pin cancelled for user“{0}”. Request originated from agent “{3}” with IP address “{4}” in security domain “{5}”

eventAuthn 23011 CREATE_AM_TOKEN Create Token Administrator “{0}” attempted to create token “{4}” stored in identity source “{6}” managed in security domain “{5}”

eventAuthn 23012 UPDATE_AM_TOKEN Update Token Administrator “{0}” attempted to update token “{4}” stored in identity source “{6}” managed in security domain “{5}”

eventAuthn 23013 DELETE_AM_TOKEN Delete Token Administrator “{0}” attempted to delete token “{4}” stored in identity source “{6}” managed in security domain “{5}”

eventAuthn 23014 AUTHMGR_TOKEN_STAT_SEARCH

Token Statistics Search

Administrator “{0}” attempted to search for token statistics




eventAuthn 23015 OFFLINE_LOGIN_EVENT Offline Login Event

Offline authentication attempted by user “{0}” on agent “{3}” using token with serial number “{8}” at “{10}”

eventAuthn 23016 OA_DATA_DOWNLOAD Offline Authentication Data Download

Offline authentication data download requested by user “{0}” from agent “{3}” using token “{8}”

eventAuthn 23017 OA_DATA_DOWNLOAD_FAILED

Offline Authentication Data Download Failed

Offline authentication data download requested by user “{0}” from agent “{3}” using token “{8}” failed with error message “{9}”

eventAuthn 23018 OA_WINDOWS_PASSWORD_UPDATE

Windows Password Updated

Windows password updated for user “{0}”

eventAuthn 23019 OA_DOMAIN_SECRET_UPDATE

Domain Secret Updated

Domain secret updated for agent “{3}”

eventAuthn 23020 AUTHMGR_NEW_PIN_ACTIVATED

New pin mode activated for token

New pin mode activated for token serial number “{16}” assigned to user “{0}” in security domain “{1}” from “{2}” identity source




eventAuthn 23021 AUTHMGR_NEXT_TOKENCODE_ACTIVATED

Next tokencode mode activated for token

Next tokencode mode activated for token serial number “{16}” assigned to user “{0}” in security domain “{1}” from “{2}” identity source

eventAuthn 23022 AUTHMGR_TOKEN_REPLACEMENT_ORIGINAL_DELETED

Token replaced original token deleted

eventAuthn 23023 AUTHMGR_TOKEN_REPLACEMENT_ORIGINAL_UNASSIGNED

Token replaced original token unassigned

eventAuthn 23024 AUTHMGR_PASSCODE_REUSE

Authentication attempted

Passcode reuse or previous token code detected for user “{0}” in security domain “{1}” from “{2}” identity source. Request originated from agent “{3}” with IP address “{4}” in security domain “{5}” with protocol version “{2}”. Authentication method: “{6}” ; Authentication policy exp: “{7}”

eventAuthn 23025 AUTHMGR_SID_METHOD_INFO

SID method SID method




eventAuthn 23026 AUTHMGR_PIN_CHANGE PIN change attempted

User “{0}” in security domain “{1}” from identity source “{2}” attempted to change pin for token serial number “{16}”

eventAuthn 23027 AUTHMGR_FIXED_PASSCODE_CHANGE

Fixed passcode change

Administrator “{0}” attempted to change fixed passcode

eventAuthn 23028 AUTH_AGENT_LOOKUP Lookup Authentication agent

Lookup authentication agent by IP address “{4}”

eventAuthn 23029 AGENT_AUTO_REG_START Agent auto-registration request

Received an agent auto-registration request from IP address “{4}”

eventAuthn 23030 AUTO_REG_NEW_AGENT New authentication agent was registered with Authentication Manager

New authentication agent “{3}” with primary IP address “{4}” was registered with Authentication Manager in Security Domain “{5}”

eventAuthn 23031 AUTOREG_GET_SECURITY_DOMAIN

Getting Security Domain for agent auto-registration

Getting Security Domain for agent “{3}” with primary IP address “{4}” for auto-registration. Agent Security Domain is “{5}”




eventAuthn 23032 AUTO_REG_DUPLICATE_IP Found another agent with the same IP address while trying to auto-register an agent

Found another agent “{8}” with the same IP address “{4}” while trying to auto-register agent “{3}”

eventAuthn 23033 AUTOREG_UPDATE_AGENT Updated agent with the new IP address

Updated agent “{3}” with the new IP address “{4}” in Security Domain “{5}”

eventAuthn 23034 AUTOREG_UNASSIGN_IP While updating an agent

found another agent with the same IP address. Unassigning IP address

eventAuthn 23035 AUTO_REG_DUPLICATE_AGENT

Registering new agent. Found agent with the same name

Registering new agent “{3}” in Security Domain “{5}”. Found agent with the same name and IP address “{4}”

eventAuthn 23036 AUTOREG_VERIFY_NODESECRET

Agent node secret verification

Verifying node secret for the agent “{3}” with IP address “{4}” in Security Domain “{5}”

eventAuthn 23037 AUTOREG_AGENT_NOT_FOUND

Trying to update IP address for an agent with node secret

but it does not exist

eventAuthn 23038 AUTOREG_DHCP_ERROR While registering an agent

found another agent with the same alias IP address




eventAuthn 23039 AUTOREG_CLEAR_NODESECRET

Agent node secret has been cleared

Cleared node secret for the agent “{3}” in Security Domain “{5}”

eventAuthn 23040 TR_H_AUTHMGR_PIN_CHANGE

Trusted Realm: PIN change attempted

User “{0}” in security domain “{1}” from identity source “{2}” in trusted realm “{13}” attempted to change pin for token serial number “{16}”

eventAuthn 23041 TR_H_AUTHMGR_PASSCODE_REUSE

Trusted Realm authentication attempted

Passcode reuse or previous token code detected for user “{0}” in security domain “{1}” from “{2}” identity source. Request originated from trusted realm “{13}” with agent “{3}” with IP address “{4}” in security domain “{5}” with protocol version “{2}”. Authentication method: “{6}” ; Authentication policy exp: “{7}”

eventAuthn 23042 TR_H_AUTHN_LOGIN_EVENT Trusted Realm Authentication

User “{0}” attempted to authenticate using authenticator “{6}” from Trusted Realm “{13}”. The user belongs to Security Domain “{1}”




eventAuthn 23043 TR_R_AUTHN_LOGIN_EVENT Trusted Realm Authentication Requested

Trusted user “{0}” attempted to authenticate using authenticator “{8}” at trusted realm “{9}”. The user belongs to Security Domain “{1}”

eventAuthn 23044 TR_R_AUTHMGR_NEXT_TOKENCODE_ACTIVATED

Trusted Realm Authentication Request activated next tokencode mode for token

Next tokencode mode activated for token serial number “{11}” assigned to user “{0}” in security domain “{1}” from the trusted realm “{8}”.

eventAuthn 23045 TR_R_AUTHMGR_PIN_CHANGE

Trusted Realm new PIN created by user

User “{0}” in security domain “{1}” from the trusted realm “{9}” created new pin for token serial number “{10}”.

eventAuthn 23046 TR_H_AUTHMGR_NEW_PIN_ACTIVATED

Trusted Realm: New pin mode activated for token

New pin mode activated for token serial number “{16}” assigned to user “{0}” in security domain “{1}” from “{2}” identity source. Request received from trusted realm “{13}”




eventAuthn 23047 TR_H_AUTHMGR_NEXT_TOKENCODE_ACTIVATED

Trusted Realm: Next tokencode mode activated for token

Next tokencode mode activated for token serial number “{16}” assigned to user “{0}” in security domain “{1}” from “{2}” identity source. Request received from trusted realm “{13}”

eventAuthn 23048 TR_R_REMOTE_PRINCIPAL_DISCOVERED

Trusted User Discovered

The trusted user “{0}” was discovered in the trusted realm “{9}”.

eventAuthn 23049 TR_R_REMOTE_PRINCIPAL_NOT_DISCOVERED

Resolve user by User ID/alias/Trusted realm search

The user login “{0}” could not be discovered in the local realm or by searching configured trusted realms.

eventAuthn 23050 NO_MORE_OTT Login with One Time Tokencode Event

Token with serial number “{8}” does not have any more one time tokencodes associated with it.

eventAuthn 23051 TFT_EXPIRED Login with Temporary Fixed Tokencode Event

Fixed emergency access tokencode associated with token with serial number “{8}” has expired.




eventAuthn 23052 OTTS_EXPIRED Login with One Time Tokencode Event

One time emergency access tokencode set associated with token with serial number “{8}” has expired.

eventAuthn 23053 EAP32_SESSION_RESUME EAP-32 Authentication

User “{0}” attempted to resume the existing EAP-32 Session.

eventAuthn 23054 REMOTE_AUTH_PRINCIPAL_RESOLUTION

Resolve trusted user by userid

Attempting to resolve trusted user by userid “{0}”. Request originated from agent “{3}” with IP address “{4}” in security domain “{5}”

eventAuthn 23055 AM61_MIGRATED_AUTHN_LOG_MESSAGE


AM61 Migrated log message. Original message: “{8}”.

eventAuthn 23056 TR_R_REALM_DISABLED Trusted Realm Disabled

The Trusted Realm “{9}” has rejected the connection.

eventAuthn 23057 TR_R_LOCAL_REALM_DISABLED

Trusted Realm Disabled

The Trusted Realm “{9}” is disabled.

eventAuthn 23058 NTLM_MAPPING_NOT_FOUND

NTLM mapping not found

There is no NTLM mapping for “{8}”.

eventAuthn 23059 FAILED_TO_LOOKUP_NTLM_MAPPINGS

Failed to lookup NTLM mapping

Could not lookup NTLM mapping for “{8}”.

eventAuthn 23060 EAP32_AUTH EAP-32 Authentication

User “{0}” attempted EAP-32 authentication




eventAuthn 23061 EAP32_NEW_PEPPER EAP-32 Authentication

User “{0}” received new EAP-32 Pepper

eventAuthn 23062 TOKEN_EXPIRED Token Expired Token serial number “{16}” assigned to user “{0}” in security domain “{1}” from identity source “{2}” is expired

eventAuthn 23063 AUTH_AGENT_LOG_REQUEST_SUCCESS

Agent log request TACACS login succeeded with TACACS password on agent “{3}” with IP address “{4}” in security domain “{5}”

eventAuthn 23064 AUTH_AGENT_LOG_REQUEST_FAIL

Agent log request TACACS login failed with TACACS password on agent “{3}” with IP address “{4}” in security domain “{5}”

eventAuthn 23065 AUTH_AGENT_ENABLE_REQUEST

Agent log enable request

TACACS enable attempt on agent “{3}” with IP address “{4}” in security domain “{5}”

eventAuthn 23066 AUTHMGR_SMS_PIN_CHANGE

PIN change attempted for On-Demand Tokencode Service

User “{0}” in security domain “{1}” from identity source “{2}” attempted to change pin for On-Demand Tokencode Service




eventAuthn 23067 AUTHMGR_SMS_PASSCODE_REUSE


Passcode reuse or previous token code detected for user “{0}” in security domain “{1}” from “{2}” identity source. Request originated from agent “{3}” with IP address “{4}” in security domain “{5}” with protocol version “{2}”. Authentication method: “{6}” ; Authentication policy exp: “{7}”

eventAuthn 23068 AUTHMGR_SMS_NEW_PIN_ACTIVATED

New pin mode activated for On-Demand Tokencode Service

New pin mode activated for On-Demand Tokencode Service for user “{0}” in security domain “{1}” from “{2}” identity source

eventAuthn 23069 AUTH_AGENT_TRUSTED_USER_ACCESS_CHECK

Authentication agent access check

Verifying trusted user “{0}” in security domain “{1}” from identity source “{2}” is allowed access to agent “{3}” with IP address “{4}” in security domain “{5}”

eventAuthn 23070 AUTOREG_UPDATE_FAILED Agent update failed

Auto-registration update for the agent “{3}” with IP address “{4}” in Security Domain “{5}”




eventAuthn 23071 AUTH_FAILED_BAD_TOKENCODE_GOOD_PIN


Bad tokencode ; but good PIN detected for token serial number “{16}” assigned to user “{0}” in security domain “{1}” from “{2}” identity source

eventAuthn 23072 AUTH_FAILED_BAD_PIN_GOOD_TOKENCODE


Bad PIN ; but good tokencode detected for token serial number “{16}” assigned to user “{0}” in security domain “{1}” from “{2}” identity source

eventAuthn 23073 AUTH_FAILED_BAD_PIN_PREVIOUS_TOKENCODE


Bad PIN ; but previous tokencode detected for token serial number “{16}” assigned to user “{0}” in security domain “{1}” from “{2}” identity source

eventAuthn 23074 TR_R_AUTHMGR_NTC_ACCEPTED

Trusted realm next token code accepted

Next tokencode mode accepted for token serial number “{11}” assigned to user “{0}” in security domain “{1}” from the trusted realm “{8}”.

eventAuthn 23075 AUTH_AGENT_ENABLE_SUCCESS

Agent log request TACACS enable succeeded on agent “{3}” with IP address “{4}” in security domain “{5}”




eventAuthn 23076 AUTH_AGENT_ENABLE_FAILED

Agent log request TACACS enable not authorized on agent “{3}” with IP address “{4}” in security domain “{5}”

eventAuthn 23077 AUTH_AGENT_ARA_LOGIN Agent log request TACACS ARA Login (No SecurID) on agent “{3}” with IP address “{4}” in security domain “{5}”

eventAuthn 23078 AUTH_AGENT_CHAP_LOGIN Agent log request TACACS CHAP Login (No SecurID) on agent “{3}” with IP address “{4}” in security domain “{5}”

eventAuthn 23079 AUTHN_ARTIFACT_VALIDATION

Authentication artifact validation

Authentication artifact validation on agent “{3}” with IP address “{4}” in security domain “{5}” for user “{0}” in security domain “{1}” from “{2}” identity source

eventAuthn 23080 AUTH_AGENT_DOESNT_ACCEPT_SECURID

SecurID credential type not accepted

Received a SecurID credential ; which the agent is configured to not accept. Agent “{3}” with IP address “{4}” in security domain “{5}”.




eventAuthn 23081 AUTHN_ARTIFACT_GENERATION

Generate Authentication Artifact

Authentication artifact was generated for principal “{0}” stored in identity source “{2}” managed in security domain “{1}”

eventSystem 16001 LICENSE_INSTALL Install license Administrator “{0}” attempted to install license “{4}” for “{3}”

eventSystem 16002 LICENSE_REPLACEMENT Replace license Administrator “{0}” attempted to replace license “{5}” for “{3}” with license “{4}”

eventSystem 16003 LICENSE_UNINSTALL Uninstall license Administrator “{0}” attempted to uninstall license “{4}” for “{3}”

eventSystem 16004 LICENSE_CHECK Check license System attempted to check the license for product “{3}” “{4}” on instance “{5}”

eventSystem 16005 LICENSE_GET Retrieve license from the database

System attempted to retrieve a license from the database with filter “{3}”

eventSystem 16006 FEATURE_LICENSE_CHECK Check license for feature

System attempted to check the license for feature “{6}” of “{3}” “{4}” on instance “{5}”




eventSystem 16007 ARCHIVE_LOG Log archived Messages in log “{3}” archived from dates “{4}” through “{5}”

eventSystem 16008 PLUGIN_LOADED Load plug-in System attempted to load plug-in “{3}” from file “{4}”

eventSystem 16009 EXTENSION_LOADED Load extension point

System attempted to load extension point “{4}” from plug-in “{3}”

eventSystem 16010 SETUP_PRIMARY Setup primary Replication “{3}” “{4}” succeeded

eventSystem 16011 REMOVE_PRIMARY Remove primary Replication “{3}” “{4}” succeeded

eventSystem 16012 PROMOTE_PRIMARY Promote primary Replication “{3}” “{4}” succeeded

eventSystem 16013 ADD_REPLICA Add replica Replication “{3}” “{4}” succeeded

eventSystem 16014 REMOVE_REPLICA Remove replica Replication “{3}” “{4}” succeeded

eventSystem 16015 ATTACH_REPLICA Attach replica Replication “{3}” “{4}” succeeded

eventSystem 16016 SYNCHRONIZE_REPLICA Synchronize replica

Replication “{3}” “{4}” succeeded

eventSystem 16017 REGISTRY_TOPOLOGY_READ Read cluster topology

System attempted to retrieve the cluster topology

eventSystem 16018 REGISTRY_TOPOLOGY_WRITE

Update cluster topology

System attempted to update the cluster topology for instance “{3}”




eventSystem 16019 REGISTRY_INSTANCE_REGISTRATION

Register instance Administrator “{0}” attempted to register instance “{3}”

eventSystem 16020 REGISTRY_INSTANCE_UPDATE

Update instance Administrator “{0}” attempted to update instance “{3}”

eventSystem 16021 REGISTRY_INSTANCE_DEREGISTER

Deregister instance

Administrator “{0}” attempted to deregister instance with ID “{3}”

eventSystem 16022 REGISTRY_INSTANCE_LOOKUP

Look up instance Administrator “{0}” attempted to read an instance

eventSystem 16023 REGISTRY_COMPONENT_REGISTRATION

Register component

Administrator “{0}” attempted to register component “{4}” on instance “{3}”

eventSystem 16024 REGISTRY_COMPONENT_UPDATE

Update component

Administrator “{0}” attempted to update component “{4}” on instance “{3}”

eventSystem 16025 REGISTRY_COMPONENT_DEREGISTER

Deregister component

Administrator “{0}” attempted to deregister component “{4}” from instance “{3}”

eventSystem 16026 REGISTRY_COMPONENT_LOOKUP

Look up component

Administrator “{0}” attempted to read a component

eventSystem 16027 REGISTRY_PATCH_ADD Add component patch

Administrator “{0}” attempted to add patch “{5}” to component “{4}” on instance “{3}”




eventSystem 16028 REGISTRY_PATCH_REMOVE Remove component patch

Administrator “{0}” attempted to remove patch “{5}” from component “{4}” on instance “{3}”

eventSystem 16029 REGISTRY_CLUSTER_UPDATED

Cluster topology updated

Cluster topology for instance “{3}” has been updated

eventSystem 16030 REGISTRY_CLUSTER_UNCHANGED

Cluster topology unchanged

Cluster topology for instance “{3}” has not been changed

eventSystem 16031 REGISTRY_INITIALIZATION Initialize registry System attempted to initialize the registry

eventSystem 16032 DELETE_BATCH_JOB Delete batch job Administrator “{0}” attempted to delete batch job “{8}”

eventSystem 16033 EXECUTE_BATCH_JOB Execute batch job Administrator “{0}” attempted to execute batch job “{3}”: “{4}”

eventSystem 16034 READ_BATCH_JOB Read batch job Administrator “{0}” attempted to read batch job “{8}”

eventSystem 16035 READ_SCHEDULE_JOB Read scheduled job

Administrator “{0}” attempted to read scheduled job “{8}”

eventSystem 16036 ADD_BATCH_JOB Add batch job Administrator “{0}” attempted to add batch job “{8}”




eventSystem 16037 SCHEDULE_BATCH_JOB Schedule batch job

Administrator “{0}” attempted to schedule batch job “{8}”

eventSystem 16038 DELETE_SCHEDULE_JOB Delete scheduled job

Administrator “{0}” attempted to delete scheduled job “{8}”

eventSystem 16039 CANCEL_BATCH_JOB Cancel batch job Administrator “{0}” attempted to cancel batch job “{8}”

eventSystem 16040 CANCEL_SCHEDULE_JOB Cancel scheduled job

Administrator “{0}” attempted to cancel scheduled job “{8}”

eventSystem 16041 DELETE_AGED_JOB Delete aged job Administrator “{0}” attempted to delete aged job “{3}”

eventSystem 16042 EXECUTE_COMMAND Execute command

Administrator “{0}” attempted to execute command “{3}”

eventSystem 16043 CONDITION_EVALUATION Evaluate condition

Administrator “{0}” attempted to evaluate the expression “{3}”

eventSystem 16044 ACCESS_DATABASE Database access Database access attempted by system

eventSystem 16045 ACCESS_DIRECTORY Directory access Administrator “{0}” attempted to access directory “{3}”

eventSystem 16046 CREATE_REALM Create realm Administrator “{0}” attempted to create a realm




eventSystem 16047 DELETE_REALM Delete realm Administrator “{0}” attempted to delete a realm

eventSystem 16048 UPDATE_REALM Update realm Administrator “{0}” attempted to update a realm

eventSystem 16049 READ_REALM Read realm Administrator “{0}” attempted to read a realm

eventSystem 16050 CREATE_SECURITY_DOMAIN Create security domain

Administrator “{0}” attempted to create a security domain

eventSystem 16051 DELETE_SECURITY_DOMAIN Delete security domain

Administrator “{0}” attempted to delete a security domain

eventSystem 16052 UPDATE_SECURITY_DOMAIN Update security domain

Administrator “{0}” attempted to update a security domain

eventSystem 16053 READ_SECURITY_DOMAIN Read security domain

Administrator “{0}” attempted to read a security domain

eventSystem 16054 CREATE_IDENTITY_SOURCE Create identity source

Administrator “{0}” attempted to create an identity source “{3}”

eventSystem 16055 DELETE_IDENTITY_SOURCE Delete identity source

Administrator “{0}” attempted to delete an identity source “{3}”

eventSystem 16056 UPDATE_IDENTITY_SOURCE Update identity source

Administrator “{0}” attempted to update an identity source “{3}”




eventSystem 16057 READ_IDENTITY_SOURCE Read identity source

Administrator “{0}” attempted to read an identity source

eventSystem 16058 LINK_IDENTITY_SOURCES Link identity source

Administrator “{0}” attempted to associate an identity source with a realm

eventSystem 16059 UNLINK_IDENTITY_SOURCES Unlink identity source

Administrator “{0}” attempted to disassociate an identity source from a realm

eventSystem 16060 READ_AUTHENTICATORS Read authenticators

System attempted to read authenticators

eventSystem 16061 UPDATE_AUTHENTICATORS Update authenticators

Administrator “{0}” attempted to update authenticators

eventSystem 16062 CREATE_ATTRIBUTE Create attribute Administrator “{0}” attempted to create an attribute

eventSystem 16063 READ_ATTRIBUTE Read attribute Administrator “{0}” attempted to read an attribute definition

eventSystem 16064 UPDATE_ATTRIBUTE Update attribute Administrator “{0}” attempted to update an attribute

eventSystem 16065 DELETE_ATTRIBUTE Delete attribute Administrator “{0}” attempted to delete an attribute

eventSystem 16066 CREATE_ATTRIBUTE_MAPPING

Map attribute Administrator “{0}” attempted to map an attribute




eventSystem 16067 READ_ATTRIBUTE_MAPPING Read attribute mapping

Administrator “{0}” attempted to read mappings for an attribute definition

eventSystem 16068 DELETE_ATTRIBUTE_MAPPING

Delete attribute mapping

Administrator “{0}” attempted to delete mapping of an attribute

eventSystem 16069 CREATE_ADMIN_ROLE Create administrative role

Administrator “{0}” attempted to create an administrative role

eventSystem 16070 DELETE_ADMIN_ROLE Delete administrative role

Administrator “{0}” attempted to delete an administrative role

eventSystem 16071 READ_ADMIN_ROLE Read administrative role

Administrator “{0}” attempted to read an administrative role

eventSystem 16072 UPDATE_ADMIN_ROLE Update administrative role

Administrator “{0}” attempted to update an administrative role

eventSystem 16073 LINK_PRINCIPAL_ADMIN_ROLE

Associate principal with administrative role

Administrator “{0}” attempted to associate a principal with an administrative role

eventSystem 16074 UNLINK_PRINCIPAL_ADMIN_ROLE

Disassociate principal from administrative role

Administrator “{0}” attempted to disassociate a principal from an administrative role

eventSystem 16075 INITIALIZE_PERMISSIONS Initialize permissions

System attempted to load permission types from the database




eventSystem 16076 AUTHN_BROKER_INIT_EVENT

Initialize authentication broker

System attempted to initialize the authentication broker

eventSystem 16077 CREATE_PWD_POLICY Create password policy

Administrator “{0}” attempted to create a password policy

eventSystem 16078 DELETE_PWD_POLICY Delete password policy

Administrator “{0}” attempted to delete password policy “{4}”

eventSystem 16079 UPDATE_PWD_POLICY Update password policy

Administrator “{0}” attempted to update password policy “{4}”

eventSystem 16080 READ_PWD_POLICY Read password policy

Administrator “{0}” attempted to read password policy “{4}”

eventSystem 16081 CREATE_LOCKOUT_POLICY Create lockout policy

Administrator “{0}” attempted to create a lockout policy

eventSystem 16082 DELETE_LOCKOUT_POLICY Delete lockout policy

Administrator “{0}” attempted to delete lockout policy “{4}”

eventSystem 16083 UPDATE_LOCKOUT_POLICY Update lockout policy

Administrator “{0}” attempted to update lockout policy “{4}”

eventSystem 16084 READ_LOCKOUT_POLICY Read lockout policy

Administrator “{0}” attempted to read lockout policy “{4}”




eventSystem 16085 CREATE_AUTH_POLICY Create authentication policy

Administrator “{0}” attempted to create an authentication policy

eventSystem 16086 DELETE_AUTH_POLICY Delete authentication policy

Administrator “{0}” attempted to delete authentication policy “{4}”

eventSystem 16087 UPDATE_AUTH_POLICY Update authentication policy

Administrator “{0}” attempted to update authentication policy “{4}”

eventSystem 16088 READ_AUTH_POLICY Read authentication policy

Administrator “{0}” attempted to read authentication policy “{4}”

eventSystem 16089 DENIAL_OF_SERVICE Denial-of-service attack detected

Denial-of-service attack detected. Server received “{4}” failed authentications from user “{3}”

eventSystem 16090 READ_PWD_DIC Read password dictionary

System attempted to read the password dictionary

eventSystem 16091 DELETE_PWD_DIC Delete password dictionary

System attempted to delete the password dictionary

eventSystem 16092 UNLINK_SECURITY_DOMAIN_POLICIES

Unlink policies from security domain

Administrator “{0}” attempted to unlink policies from security domain “{3}”




eventSystem 16093 UNLINK_SECURITY_DOMAIN_AUTHN_POLICY


Administrator “{0}” attempted to unlink the authentication policy from security domain “{3}”

eventSystem 16094 UNLINK_SECURITY_DOMAIN_PWD_POLICY


Administrator “{0}” attempted to unlink the password policy from security domain “{3}”

eventSystem 16095 UNLINK_SECURITY_DOMAIN_LCK_POLICY


Administrator “{0}” attempted to unlink the lockout policy from security domain “{3}”

eventSystem 16096 CREATE_GROUP Create group Administrator “{0}” attempted to create a group

eventSystem 16097 UPDATE_GROUP Update group Administrator “{0}” attempted to update a group

eventSystem 16098 UNREGISTER_GROUP Unregister group Administrator “{0}” attempted to unregister a group

eventSystem 16099 READ_GROUP Read group Administrator “{0}” attempted to read a group

eventSystem 16100 DELETE_GROUP Delete group Administrator “{0}” attempted to delete group “{4}” ; stored in an identity source

eventSystem 16101 LINK_GROUP_GROUP Associate group with group

Administrator “{0}” attempted to associate a group with another group




eventSystem 16102 UNLINK_GROUP_GROUP Disassociate group from group

Administrator “{0}” attempted to disassociate a group from another group

eventSystem 16103 LINK_GROUP_PRINCIPAL Associate group with principal

Administrator “{0}” attempted to associate a group with a principal

eventSystem 16104 UNLINK_GROUP_PRINCIPAL Disassociate group from principal

Administrator “{0}” attempted to disassociate a principal from a group

eventSystem 16105 CREATE_GROUP_PARTIAL_FAILURE

Create group with partial failure

Administrator “{0}” created group “{5}” in identity source “{3}”. Although the operation partially failed ; the group might still exist in the directory

eventSystem 16106 CREATE_PRINCIPAL Create principal Administrator “{0}” attempted to create a principal

eventSystem 16107 REGISTER_PRINCIPAL Register principal Administrator “{0}” attempted to register a principal: “{3}”

eventSystem 16108 UNREGISTER_PRINCIPAL Unregister principal

Administrator “{0}” attempted to unregister a principal

eventSystem 16109 DELETE_PRINCIPAL Delete principal Administrator “{0}” attempted to delete a principal




eventSystem 16110 UPDATE_PRINCIPAL Update principal Administrator “{0}” attempted to update a principal

eventSystem 16111 READ_PRINCIPAL Read principal Administrator “{0}” attempted to read a principal

eventSystem 16112 REMOVE_ORPHANED_PRINCIPALS

Clean up unresolvable users

Administrator “{0}” attempted to clean up unresolvable users

eventSystem 16113 CREATE_PRINCIPAL_PARTIAL_FAILURE

Create principal with partial failure

Administrator “{0}” created a user “{5}” in identity source “{3}”. Although the operation partially failed ; the user might still exist in the directory

eventSystem 16114 CREATE_PRINCIPAL_PREFERENCES

Assign console preferences to principal

Administrator “{0}” attempted to assign preferences to a principal

eventSystem 16115 DELETE_PRINCIPAL_PREFERENCES

Remove console preferences for principal

Administrator “{0}” attempted to remove preferences from a principal

eventSystem 16116 UPDATE_PRINCIPAL_PREFERENCES

Update console preferences for principal

Administrator “{0}” attempted to update preferences for a principal

eventSystem 16117 READ_PRINCIPAL_PREFERENCES

Read user preferences

Administrator “{0}” attempted to read the preferences of a user




eventSystem 16118 CREATE_REALM_PREFERENCES

Assign console preferences to realm

Administrator “{0}” attempted to assign preferences for a realm

eventSystem 16119 DELETE_REALM_PREFERENCES

Remove console preferences for realm

Administrator “{0}” attempted to remove preferences from a realm

eventSystem 16120 UPDATE_REALM_PREFERENCES

Update console preferences for realm

Administrator “{0}” attempted to change preferences for a realm

eventSystem 16121 READ_REALM_PREFERENCES Read console preferences for realm

Administrator “{0}” attempted to read preferences for a realm

eventSystem 16130 READ_SERVER_ACCESS_INFO Read server access info

System attempted to read server access info

eventSystem 16131 READ_REPORT_PROPERTY Read report property

System attempted to access a report property

eventSystem 16133 JMS_INIT Initialize JMS System attempted to initialize the JMS system

eventSystem 16134 JMS_HANDLE_EVENT Handle JMS event

System attempted to process a received JMS event from broadcast

eventSystem 16135 JMS_PUBLISH_EVENT Publish JMS event

System attempted to broadcast a JMS event for event consumers




eventSystem 16136 JMS_CLUSTERING_START Cache clustering startup

Cache JMS clustering system for cache instance “{3}” was initialized

eventSystem 16137 JMS_CLUSTERING_SHUTDOWN

Cache clustering shutdown

Cache JMS clustering system for cache instance “{3}” was shut down

eventSystem 16138 JMS_SEND_BATCH_NOTIFICATION

Cache notification event

Cache JMS clustering system for cache instance “{3}” sent a batch message notification

eventSystem 16139 JMS_CONTENTS_DOWNLOAD Cache contents download

System attempted to download cache contents for cache instance “{3}”

eventSystem 16140 JMS_SCHEDULE_DEFERRED_CONTENTS_DOWNLOAD

Schedule deferred cache contents download

System attempted to verify deferred cache contents download for cache instance “{3}”

eventSystem 16141 JMS_DEFERRED_CONTENTS_DOWNLOAD

Deferred cache contents download

System completed deferred cache contents download for cache instance “{3}”

eventSystem 16142 SESSION_ADD_CONFIGURATION

Add session configuration

Administrator “{0}” added session configuration information




eventSystem 16143 SESSION_READ_CONFIGURATION

Fetch session configuration

Administrator “{0}” fetched session configuration information

eventSystem 16144 SESSION_UPDATE_CONFIGURATION

Update session configuration

Administrator “{0}” updated session configuration information

eventSystem 16145 SESSION_DELETE_CONFIGURATION

Delete session configuration

Administrator “{0}” deleted session configuration information

eventSystem 16146 SESSION_SEARCH_CONFIGURATION

Search session configuration

Administrator “{0}” searched session configuration information

eventSystem 16147 SESSION_ADD_LIFETIME_CONFIGURATION

Add session lifetime

Administrator “{0}” added a session lifetime configuration named “{3}”

eventSystem 16148 SESSION_READ_LIFETIME_CONFIGURATION

Fetch session lifetime

Administrator “{0}” fetched a session lifetime configuration named “{3}”

eventSystem 16149 SESSION_UPDATE_LIFETIME_CONFIGURATION

Update session lifetime

Administrator “{0}” updated a session lifetime configuration named “{3}”

eventSystem 16150 SESSION_DELETE_LIFETIME_CONFIGURATION

Delete session lifetime

Administrator “{0}” deleted a session lifetime configuration named “{3}”




eventSystem 16151 SESSION_SEARCH_LIFETIME_CONFIGURATION

Search session lifetime

Administrator “{0}” searched session lifetime configurations

eventSystem 16152 SESSION_SEARCH_ACTIVE Search active sessions

Administrator “{0}” searched active sessions

eventSystem 16153 CONF_READ Read configuration

Administrator “{0}” read configuration data for scope “{3}” ; section “{4}”

eventSystem 16154 CONF_METADATA_INSTALLED

Install congfiguration metadata

Administrator “{0}” installed configuration metadata for scope “{4}” ; parameter “{3}”

eventSystem 16155 CONF_METADATA_REMOVED Remove congfiguration metadata

Administrator “{0}” removed configuration metadata for scope “{3}” ; section “{4}”

eventSystem 16156 CONF_METADATA_CHANGED Change configuration metadata

Administrator “{0}” changed configuration metadata for scope “{4}” ; parameter “{3}”. “{6}”

eventSystem 16157 CONF_VALUE_ADDED Add configuration

Administrator “{0}” added configuration parameter “{3}” for scope “{4}” ; value “{5}”. {6}

eventSystem 16158 CONN_POOL_GET_CONNECTION

Retrieve connection

System attempted to retrieve connection for “{3}”




eventSystem 16159 CONN_POOL_FAILOVER Primary connection pool failed

Primary connection pool for “{3}” failed

eventSystem 16160 CONN_POOL_RESTORE Primary connection pool restored

Primary connection pool for “{3}” restored

eventSystem 16161 SNMP_READ_CONFIG Read SNMP agent configuration

System attempted to read SNMP agent configuration parameter “{3}”

eventSystem 16162 SNMP_AGENT_START Start SNMP agent System attempted to start an SNMP agent

eventSystem 16163 SNMP_AGENT_STOP Stop SNMP agent System attempted to stop an SNMP agent

eventSystem 16164 KM_KEY_BIND Bind key Administrator “{0}” bound key “{3}”

eventSystem 16165 KM_KEY_UNBIND Unbind key Administrator “{0}” unbound key “{3}”

eventSystem 16166 KM_KEY_FETCH Fetch key Administrator “{0}” fetched key “{3}”

eventSystem 16167 KM_KEY_UPDATE Update key Administrator “{0}” updated key “{3}”

eventSystem 16168 KM_KEY_PASSWORD_RESET Reset key password

Administrator “{0}” reset password for key “{3}”

eventSystem 16169 AA_PROCESS_REQUEST SSO request System processed an SSO request




eventSystem 16170 CONSOLE_INTEGRATION_INIT

Console Integration Service initialization

System attempted to initialize the Console Integration Service

eventSystem 16171 CONSOLE_INTEGRATION_REGMENU

Console Integration Service: Register menu

System attempted to register a menu

eventSystem 16172 CONSOLE_INTEGRATION_REGDOMENU

Console Integration Service: Register domain object menu

System attempted to register a domain object menu

eventSystem 16173 CONSOLE_INTEGRATION_REGPAGEHELP

Console Integration Service: Register page help

System attempted to register page help

eventSystem 16174 CONSOLE_INTEGRATION_REGCONSOLECONFIG

Console Integration Service: Register console configurations

System attempted to register console configurations

eventSystem 16175 LINK_SECURITY_DOMAIN_POLICIES

Link policies to security domain

Administrator “{0}” attempted to link policies to security domain “{3}”

eventSystem 16176 SYSTEM_STARTUP System startup System attempted to start up

eventSystem 16177 SYSTEM_SHUTDOWN System shutdown System attempted to shut down

eventSystem 16178 REPLICATION_NETWORK_FAILURE

Replication status A replication connection has been broken

eventSystem 16179 REPLICATION_PROCESS_FAILURE

Replication status A replication process is either stopped or abnormal




eventSystem 16180 REPLICATION_PROCESS_ERROR

Replication status A replication process stopped with an error

eventSystem 16181 GENERATE_SCRIPT Generate script System attempted to generate a replication-related script

eventSystem 16182 REPLICATION_SYSTEM_SETUP

Replica setup Administrator “{0}” attempted to create or modify the replication setup

eventSystem 16183 TERMINATE_DB_COMMAND Terminate database operation

System attempted to terminate a database import or export job

eventSystem 16184 EXPORT_DB_COMMAND Export database Administrator “{0}” attempted to export the database contents

eventSystem 16185 IMPORT_DB_COMMAND Import database Administrator “{0}” attempted to import the database contents

eventSystem 16186 EXECUTE_SQL_SCRIPT Execute SQL script

Administrator attempted to perform action “{6}” using the store utility

eventSystem 16187 PULL_FROM_REPLICAS Pull out-of-band updates from replicas

Administrator “{0}” attempted to pull out-of-band updates from replica sites “{3}”

eventSystem 16188 CREATE_SELFSERVICE_POLICY

Create self-service troubleshooting policy

Administrator “{0}” attempted to create an self-service troubleshooting policy




eventSystem 16189 DELETE_SELFSERVICE_POLICY

Delete self-service troubleshooting policy

Administrator “{0}” attempted to delete self-service troubleshooting policy “{4}”

eventSystem 16190 UPDATE_SELFSERVICE_POLICY

Update self-service troubleshooting policy

Administrator “{0}” attempted to update self-service troubleshooting policy “{4}”

eventSystem 16191 READ_SELFSERVICE_POLICY Read self-service troubleshooting policy

Administrator “{0}” attempted to read self-service troubleshooting policy “{4}”

eventSystem 16192 UNLINK_SECURITY_DOMAIN_SELFSERVICE_POLICY


Administrator “{0}” attempted to unlink the self-service troubleshooting policy from security domain “{3}”

eventSystem 16193 CREATE_IDENTITY_MAPPING Create identity mapping

Administrator “{0}” attempted to create an identity mapping

eventSystem 16194 UPDATE_IDENTITY_MAPPING Update identity mapping

Administrator “{0}” attempted to update an identity mapping

eventSystem 16195 READ_IDENTITY_MAPPING Read identity mapping

Administrator “{0}” attempted to read an identity mapping

eventSystem 16196 DELETE_IDENTITY_MAPPING Delete identity mapping

Administrator “{0}” attempted to delete an identity mapping




eventSystem 16197 CREATE_SECURITY_QUESTIONS_POLICY

Create security question policy

Administrator “{0}” attempted to create security question policy “{4}”

eventSystem 16198 DELETE_SECURITY_QUESTIONS_POLICY

Delete security question policy

Administrator “{0}” attempted to delete security question policy “{4}”

eventSystem 16199 UPDATE_SECURITY_QUESTIONS_POLICY

Update security question policy

Administrator “{0}” attempted to update security question policy “{4}”

eventSystem 16200 READ_SECURITY_QUESTIONS_POLICY

Read security question policy

Administrator “{0}” attempted to read security question policy “{4}”

eventSystem 16201 CREATE_TRUST Create trust Administrator “{0}” attempted to create a trust

eventSystem 16202 UPDATE_TRUST Update trust Administrator “{0}” attempted to update a trust

eventSystem 16203 READ_TRUST Read trust Administrator “{0}” attempted to read a trust

eventSystem 16204 DELETE_TRUST Delete trust Administrator “{0}” attempted to delete a trust

eventSystem 16211 CREATE_TRUST_DOMAIN Create trust domain

Administrator “{0}” attempted to create a trust domain




eventSystem 16212 UPDATE_TRUST_DOMAIN Update trust domain

Administrator “{0}” attempted to update a trust domain

eventSystem 16213 READ_TRUST_DOMAIN Read trust domain

Administrator “{0}” attempted to read a trust domain

eventSystem 16214 DELETE_TRUST_DOMAIN Delete trust domain

Administrator “{0}” attempted to delete a trust domain

eventSystem 16221 CREATE_TRUST_INSTANCE Create trust instance

Administrator “{0}” attempted to create a trust instance

eventSystem 16222 UPDATE_TRUST_INSTANCE Update trust instance

Administrator “{0}” attempted to update a trust instance

eventSystem 16223 READ_TRUST_INSTANCE Read trust instance

Administrator “{0}” attempted to read a trust instance

eventSystem 16224 DELETE_TRUST_INSTANCE Delete trust instance

Administrator “{0}” attempted to delete a trust instance

eventSystem 16225 READ_DATA_FILE_USAGE Read data file usage

Administrator “{0}” attempted to read a usage data file

eventSystem 16226 READ_LOG_FILE_USAGE Read log file usage

Administrator “{0}” attempted to read a log usage file

eventSystem 16227 DB_SPACE_USAGE_ALERT Database space usage alert

The database storage monitoring process produced an alert




eventSystem 16228 CREATE_ATTRIBUTE_CATEGORY

Create attribute Administrator “{0}” attempted to create an attribute category

eventSystem 16229 UPDATE_ATTRIBUTE_CATEGORY

Update attribute Administrator “{0}” attempted to update an attribute category

eventSystem 16230 SEND_SMTP_MESSAGE Send SMTP message

System attempted to send an SMTP message to “{3}” with the subject “{4}”

eventSystem 16231 SMTP_CONNECT SMTP connect System attempted to connect to the SMTP server in order to configure it

eventSystem 16232 DB_BACKUP_RESTORE Database backup and restore

System attempted to back up or restore the database

eventSystem 16233 DB_SPACE_USAGE_MANAGEMENT

Database space management

System attempted to configure the database table space usage

eventSystem 16234 ORACLE_COMMON_OPERATION

Oracle common management utility

System attempted to configure the Oracle database

eventSystem 16235 SNMP_TEST_TRAP SNMP test trap System attempted to send an SNMP test trap

eventSystem 16236 DELETE_SIGNING_KEY Delete log signing key

System attempted to delete a log signing key with GUID “{3}”

eventSystem 16237 FLUSH_COMMAND_TARGET_CACHE

Flush command target cache

System flushed the command target cache




eventSystem 16238 FLUSH_COMMAND_TARGET_CACHE_ENTRY

Flush command target cache entry

System flushed a command target cache entry

eventSystem 16239 CREATE_COMMAND_TARGET Create command target

System attempted to create a command target for trust “{4}”

eventSystem 16240 STORE_PWD_DIC Store password dictionary

System attempted to store the password dictionary

eventSystem 16241 ARCHIVE_LOG_FILE_SIGN Sign archive log file

An archive log batch job tried to sign archive log file “{3}”

eventSystem 16242 ARCHIVE_LOG_FILE_VERIFY Verify archive log file signature

An archive log batch job tried to verify the signature of file “{3}”

eventSystem 16243 XML_SERIALIZER_CONFIGURATION

XML serializer configuration

XML serializer tried to perform a configuration

eventSystem 16244 XML_SERIALIZER_INITIALIZING

XML serializer initializing

XML serializer tried to initialize the engine

eventSystem 16245 XML_SERIALIZER_BEAN_PARSING

XML serializer parsing failure

XML serializer failed to parse bean structure for class “{3}” ; property “{4}”

eventSystem 16246 XML_SERIALIZER_PARSING XML serializer parsing failure

XML serializer failed to parse the XML structure

eventSystem 16247 XML_SERIALIZER_CLASS_LOADING

XML serializer class-loading failure

XML serializer failed to load class “{3}”




eventSystem 16248 CLU_AUDIT_LOG_COPY Copy audit log entries

Batch job attempted to copy CLU audit log entries from table “{3}”

eventSystem 16249 SESSION_MAX_LIMIT_FORCED_LOGOFF

Force session logoff

Session was terminated because it exceeded the maximum number of sessions allowed per instance

eventSystem 16250 SESSION_USER_LIMIT_FORCED_LOGOFF

Force session logoff

Session was terminated because it exceeded the maximum number of sessions allowed per user

eventSystem 16252 REGISTRY_INIT_DEPLOYMENT_UUID

Initialize deployment UUID

System attempted to initialize the deployment UUID

eventSystem 16253 PROCESS_SECURITY_QUESTIONS

Processing answers to security questions

System was processing the user's answers to security questions

eventSystem 16254 REPLICATION_PROCESS_STATUS

Replication process status

Replication propagation process restarting for scheduled maintenance

eventSystem 16255 CONF_VALUE_DELETED Delete configuration

Administrator “{0}” deleted configuration parameter “{3}” from scope “{4}” ; value “{5}”. {6}




eventSystem 16256 CONF_VALUE_UPDATED Update configuration

Administrator “{0}” updated configuration parameter “{3}” for scope “{4}” ; value “{5}”. {6}

eventSystem 16257 SYNC_PROPERTIES Synchronize properties

Synchronize system properties.

eventSystem 16274 DATABASE_BACKUP Database backup System attempted to backup the database

eventSystem 16258 UPDATE_BATCH_JOB_STATUS_ERROR

Update batch job status

System failed to update batch job's status

eventSystem 16276 OC_PROMOTE_REPLICA Promote replica to be primary via OC

Operations Console administrator “{0}” attempted to promote a replica instance to primary instance

eventSystem 16277 OC_ADD_REPLICA Add replica to primary via OC

Operations Console administrator “{0}” attempted to add replica instance “{3}”

eventSystem 16278 OC_REMOVE_REPLICA Remove replica via OC

Operations Console administrator “{0}” attempted to remove a replica instance

eventSystem 16279 OC_ATTACH_REPLICA Attach detached replica via OC

Operations Console administrator “{0}” attempted to reattach a replica instance to the primary instance




eventSystem 16280 OC_REPLICATION_STATUS View replication status via OC

Operations Console administrator “{0}” attempted to view replication status

eventSystem 16281 OC_CLEAN_DEMOTED_PRIMARY

Clean demoted primary via OC

Operations Console administrator “{0}” attempted to clean the demoted primary instance

eventSystem 16282 OC_ATTACH_DEMOTED_PRIMARY

Attach a demoted primary instance via OC

Operations Console administrator “{0}” attempted to attach a demoted primary instance

eventSystem 16283 OC_CLEAN_DELETED_OFFLINE_REPLICA

Clean a replica deleted when offline via OC

Operations Console administrator “{0}” attempted to clean an offline replica instance that was previously deleted

eventSystem 16284 OC_LIST_INSTANCES List all instances via OC

Operations Console administrator “{0}” attempted to list all instances in the deployment

eventSystem 16285 OC_SYNC_REPLICA Synchronize replica with primary instances via OC

Operations Console administrator “{0}” attempted to synchronize all replicas instances




eventSystem 16259 REPLICATION_LINK_STATUS Check replication status

System checked replicaton status between the primary {3} and the replica {4} in the direction {5}

eventSystem 16260 REPLICATION_ARCHIVE_LOG_USAGE_CHECK

Check replication archive log usage

System checked replication archive log usage and found {3} MB used out of {4} MB allocated

eventSystem 16261 BATCH_CLEANUP_ORPHANED_PRINCIPALS_SKIP

Clean up unresolvable users and groups

The system attempted to clean up unresolvable principals ; but was unable to clean up user “{3}” in identity source “{4}”.

eventSystem 16262 BATCH_CLEANUP_ORPHANED_PRINCIPALS_LIMIT_HIT

Clean up unresolvable users and groups

Cleanup of unresolvable users was not possible. Found {3} users ; which exceeded the automated cleanup limit of {4} users.

eventSystem 16263 FIND_PRINCIPAL_ACROSS_IDENTITYSOURCE

Find user across Identity Sources

System attempted to find user “{0}” across identity sources

eventSystem 16264 MARK_FIND_PRINCIPAL_ACROSS_IDENTITYSOURCE_FAILURE

System cannot process this authentication request

User cannot be found across identity sources. User “{3}” will not be allowed to authenticate for the next 60 minutes.




eventSystem 16265 DETERMINE_RELATED_IDENTITY_SOURCE

Attempting to determine whether the given identity sources connect to the same directory server

System cannot determine whether identity source “{3}” and identity source “{4}” are connecting to the same directory server.

eventSystem 16266 SEARCH_PRINCIPALS Search users System attempted to search users in identity source “{3}”

eventSystem 16286 READ_SECURITY_QUESTIONS_LIST

Read security questions list

Administrator “{0}” attempted to read security questions list “{4}”

eventSystem 16287 RBA_USER_COUNT RBA user count System attempted to count the number of RBA users

eventSystem 16288 AA_OFFLINE_TASK AA offline task System attempted to run AA offline task

eventSystem 16289 RBA_DEVICE_MANAGEMENT RBA device management

System attempted to cleanup expired and over the limit user devices

eventSystem 16290 STOP_SERVICE Stop service Attempting to stop service “{3}”

eventSystem 16291 START_SERVICE Start Service Attempting to start service “{3}”.

eventSystem 16294 IDENTITY_SOURCE_GET_CONNECTION_FAILED

Failed to connect to identity source

Cannot process requests that need access to identity source “{3}”. The identity source is currently unreachable.




eventSystem 16295 TRACK_USER_MOVE_IN_REPLICA_FAILED_REACHING_PRIMARY


The user''s distinguished name has changed. Cannot contact primary instance to update the user.Authentication requests from “{3}” to this instance will not be successful until primary updates the user.

eventSystem 16296 TRACK_USER_MOVE_IN_REPLICA_FAILED


The user''s distinguished name has changed. Either the primary could not update the user or the primary cannot be contacted. Authentication requests from “{3}” to this instance will not be successful until primary updates the user.

eventSystem 16297 BUILD_RELATED_IDENTITY_SOURCE_CACHE_FAILED

System cannot initialize related identity source cache

System cannot initialize related identity sources for identity source “{3}”

eventSystem 16298 UNABLE_LOOKUP_NAMING_CONTEXTS_ROOT_DSE

System cannot lookup directory server''s root DSE attributes

System cannot lookup directory server''s root DSE attributes for identity source “{3}”




eventSystem 16299 UPDATE_PRINCIPAL_FOR_LDAP_CHANGE

Update principal System attempted to update principal “{3}” based on changes made in identity source “{4}”

eventSystem 16300 CREATE_BACKUP_ORIG_PRIMARY

Create Backup Created backup in the original primary instance at “{3}”

eventSystem 16301 PRINCIPAL_WITH_DUPLICATE_USERID

Duplicate user ID user found

User ID “{3}” already exists. User IDs must be unique within an identity source

eventSystem 16302 INVALID_PRINCIPAL Invalid user state User ID “{3}” already exists. User IDs must be unique within an identity source

eventSystem 16303 IMPORT_BACKUP_PROMOTED_REPLICA

Import Backup Importing backup on the promoted Replica instance from the following location “{3}”

eventSystem 16304 TRANSFER_BACKUP_PROMOTED_REPLICA

Transfer Backup Transferred backup “{3}” to the promoted Replica instance

eventSystem 16317 CREATE_RBA_POLICY Create RBA policy

Administrator “{0}” attempted to create an RBA policy

eventSystem 16318 DELETE_RBA_POLICY Delete RBA policy

Administrator “{0}” attempted to delete RBA policy “{4}”




eventSystem 16319 UPDATE_RBA_POLICY Update RBA policy

Administrator “{0}” attempted to update RBA policy “{4}”

eventSystem 16320 READ_RBA_POLICY Read RBA policy Administrator “{0}” attempted to read RBA policy “{4}”

eventSystem 16321 UNLINK_SECURITY_DOMAIN_RBA_POLICY


Administrator “{0}” attempted to unlink the RBA policy from security domain “{3}”

eventSystem 16322 AA_MAINTENANCE_TASK AA maintenance task

System attempted to run AA maintenance task procedure “{0}”

eventSystem 16323 RBA_AUTHN_ATTEMPT Risk Based Authentication attempt

User attempted to authenticate via RBA

eventSystem 16324 UPDATE_SECURITY_QUESTIONS_LIST

update security questions list

Administrator “{0}” attempted to read security questions list “{4}”

eventSystem 16325 CREATE_SECURITY_DOMAIN_MAPPING

Create Security Domain mapping

Administrator “{0}” attempted to create security domain mapping for identity source “{3}”

eventSystem 16326 READ_SECURITY_DOMAIN_MAPPING

Read Security Domain mapping

Administrator “{0}” attempted to read security domain mapping for identity source “{3}”




eventSystem 16327 UPDATE_SECURITY_DOMAIN_MAPPING

Update Security Domain mapping

Administrator “{0}” attempted to update security domain mapping for identity source “{3}”

eventSystem 16328 DELETE_SECURITY_DOMAIN_MAPPING

Delete Security Domain mapping

Administrator “{0}” attempted to delete security domain mapping for identity source “{3}”

eventSystem 16329 READ_ACTIVE_USERS Unable to read active users from the system configuration

System failed to read the licensed number of active users from the system configuration

eventSystem 16330 REGISTRY_INSTANCE_MOST_RECENT_UPDATE_TIME

Getting last instance update time

System attempted to get last instance update time

eventSystem 16331 FILE_SERVICE_CREATE_FILE Creating new file for upload service

Administrator attempted to create new file for upload service

eventSystem 16332 FILE_SERVICE_DELETE_FILE Deleting uploaded file

Administrator attempted to delete uploaded file

eventSystem 16333 FILE_SERVICE_APPEND_FILE Appending data to file for upload

Administrator attempted to append data to upload file

eventSystem 16334 FILE_SERVICE_OPEN_FILE Opening uploaded file

Administrator attempted to open uploaded file

eventSystem 16335 WEBTIER_BIZTIER_TIME_NOT_IN_SYNC

Web-tier time not in sync

Web-tier time is not in sync with biz-tier server




eventSystem 16336 CONN_POOL_OFFLINE All connection pools failed

All connection pools for “{3}” failed

eventSystem 16337 CREATE_DATABASE_BACKUP Create Backup Create backup of internal database at “{3}”

eventSystem 16338 RESTORE_DATABASE_BACKUP

Restore database Restore backup of internal database from “{3}”

eventSystem 16339 LICENSE_INVALID_SIGNING_MATERIAL

Invalid license signing material

System does not recognize license signing material

eventSystem 16340 IMPORT_SECRETS Import secrets Import contents of the password-protected file into the system fingerprint.

eventSystem 16341 EXPORT_SECRETS Export secrets Export contents of the system fingerprint to the password-protected file.

eventSystem 16342 RECOVER_SECRETS Recover secrets Recover the system fingerprint.

eventSystem 16343 CHANGE_SECRETS_MASTER_PASSWORD

Change master password

Change the master password for the system fingerprint.

eventSystem 16344 MANAGE_SSL_CERT_IMPORT Import certificate Import the certificate “{3}” into the keystore “{4}”.

eventSystem 16345 MANAGE_SSL_CERT_CONFIG_SERVER

Configure server Configure the server “{3}” to use the new private key alias and password.




eventSystem 16346 OC_CREATE_IDENTITY_SOURCE

Create identity source

Operations Console administrator “{0}” attempted to create an identity source “{3}” using Super Admin credentials of “{4}”.

eventSystem 16347 OC_DELETE_IDENTITY_SOURCE

Delete identity source

Operations Console administrator “{0}” attempted to delete an identity source “{3}” using Super Admin credentials of “{4}”.

eventSystem 16348 OC_UPDATE_IDENTITY_SOURCE

Update identity source

Operations Console administrator “{0}” attempted to update an identity source “{3}” using Super Admin credentials of “{4}”.

eventSystem 16349 COPY_DATABASE_LOGS Copy database logs

System attempted to copy database audit logs from external database to internal database.

eventSystem 16350 CRITICAL_NOTIFICATION Critical System Event Notification

System ecountered a critical event.

eventSystem 16351 DELETE_JOB_RESTRICTED_TO_NON_EXISTING_INSTANCE

Delete batch job restircted to non-existing instance

Administrator “{0}” attempted to delete job restricted to non-existing instance “{3}”




eventSystem 16352 REGISTRY_INSTANCE_VERSION_LOOKUP

Look up instance version

Administrator “{0}” attempted to read an instance's version

eventSystem 16353 REGISTRY_INSTANCE_VERSION_UPDATE

Update instance version

System attempted to update the version for the instance “{3}”

eventSystem 16354 UPDATE_WEBTIER_CUSTOMIZATION

Update Webtier Customization

Administrator “{0}” attempted to update Webtier Customization Configuration

eventSystem 16355 READ_WEBTIER_CUSTOMIZATION

Read Webtier Customization

Administrator “{0}” attempted to read Webtier Customization Configuration

eventSystem 26001 AUTHMGR_BEAN_CONVERT Convert Bean Administrator “{0}” attempted to convert one bean to other

eventSystem 26002 AUTHMGR_AGENT_CREATE Create Agent Administrator “{0}” attempted to create an AM agent

eventSystem 26003 AUTHMGR_AGENT_DELETE Delete Agent Administrator “{0}” attempted to delete an AM agent

eventSystem 26004 AUTHMGR_AGENT_ENABLE Enable Agent Administrator “{0}” attempted to enable an AM agent

eventSystem 26005 AUTHMGR_AGENT_READ Read Agent Administrator “{0}” attempted to read an AM agent




eventSystem 26006 AUTHMGR_AGENT_UPDATE Update Agent Administrator “{0}” attempted to update an AM agent

eventSystem 26007 AUTHMGR_APS_LIST_CONFIG_READ

Read Agent Protocol Server List Config

Administrator “{0}” attempted to read Agent Protocol Server list config “{3}”

eventSystem 26008 UPDATE_AM_PRINCIPAL Update AM Principal

Administrator “{0}” attempted to update principal

eventSystem 26009 EXPORT_SOFT_TOKEN Export Soft Token

Administrator “{0}” attempted to export soft token

eventSystem 26010 IMPORT_TOKEN Import Token Administrator “{0}” attempted to import token

eventSystem 26011 PROCESS_REFERENTIAL_INTEGRITY_MESSAGES

Process Referential Integrity Message

Administrator “{0}” attempted to process referential integrity message

eventSystem 26012 READ_AGENT Read Agent Administrator “{0}” attempted to read agent

eventSystem 26013 READ_AM_PRINCIPAL Read AM Principal

Administrator “{0}” attempted to read AM principal

eventSystem 26014 READ_AM_TOKEN_EMERGENCY_ACCESS_INFO

Read Token Emergency Access Info

Administrator “{0}” attempted to read token emergency access

eventSystem 26015 READ_OA_POLICY Read Offline Authentication Policy

Attempted to read offline authentication policy




eventSystem 26016 LOCATE_REALM_DEFAULT_OA_POLICY

Locate Realm Default Offline Authentication Policy

Administrator “{0}” attempted to locate realm default offline authentication policy

eventSystem 26017 READ_REPLACEMENT_TOKEN

Read Replacement Token

Administrator “{0}” attempted to read replacement token

eventSystem 26018 READ_SERVER_CONFIG Read Server Configuration

Attempted to read server configuration

eventSystem 26019 READ_SERVER_LIST Read Server List Attempted to read server list

eventSystem 26020 READ_TOKEN Read Token Attempted to read token

eventSystem 26021 SYNC_TOKENS Sync Token Administrator “{0}” attempted to sync token “{3}”

eventSystem 26022 UPDATE_AM_TOKEN_OFFLINE_EMERGENCY_ACCESS_INFO

Update Token Offline Emergency Access Info

Administrator “{0}” attempted to update token offline emergency access

eventSystem 26023 CONNECTION_ERROR Socket Connection Error

Error occurred while communicating with remote host “{3}”:“{4}”. Socket is locally bound to “{5}”:“{6}”

eventSystem 26024 INIT_WPCODE_MATCHER Init WPCODE Matcher

Attempted to initialize the WPCODE matcher




eventSystem 26025 NEXT_AVAILABLE_AM_TOKEN

Get Next Available Token

Administrator “{0}” attempted to get the next available token

eventSystem 26026 SEARCH_AM_TOKEN Search Token Administrator “{0}” attempted to search token

eventSystem 26027 VALIDATE_NEW_PIN Validate New PIN Attempted to validate the new PIN

eventSystem 26028 VALIDATE_NEXT_TOKENCODE

Validate Next Tokencode

Attempted to validate the next tokencode

eventSystem 26029 VALIDATE_PASSCODE Validate Passcode Attempted to validate the passcode

eventSystem 26030 AUTH_AGENT_LOOKUP Auth Agent Lookup

Administrator “{0}” attempted to lookup an auth agent

eventSystem 26031 READ_AGENT_ACTIVATED_GROUPS

Read Agent Activated Groups

Administrator “{0}” attempted to read agent activated groups

eventSystem 26032 READ_TOKEN_POLICY Read Token Policy

Attempted to read token policy

eventSystem 26033 LOCATE_REALM_DEFAULT_TOKEN_POLICY

Locate Realm Default Token Policy

Administrator “{0}” attempted to locate realm default token policy

eventSystem 26034 VALIDATE_NEW_STATIC_PASSCODE

Validate New Static Passcode

Attempted to validate the new static passcode

eventSystem 26035 LOOKUP_OBJECT Lookup Object Administrator “{0}” attempted to lookup object




eventSystem 26036 SESSION_CREATE Create Session Administrator “{0}” attempted to create session

eventSystem 26037 SYSTEM_DEFAULT_POLICY_MISCONFIGURED

System Default Policy Misconfigured

System default policy is misconfigured

eventSystem 26038 UPDATE_AM_TOKEN Update Token Administrator “{0}” attempted to update token

eventSystem 26039 AM_LINK_TOKEN_PRINCIPAL Link Token To Principal

Administrator “{0}” attempted to link token to principal

eventSystem 26040 GET_REG_USERS Get Registered Users

Administrator “{0}” attempted to get registered users

eventSystem 26041 ADJUDICATOR_CLOCK_SETBACK

Clock Setback Detected

Detected clock setback ; current:“{3}” expected:“{4}”

eventSystem 26042 ADJUDICATOR_PROCESS Adjudicator Processing

Attempted to process adjudicator request

eventSystem 26043 ADJUDICATOR_CONFIGURATION

Adjudicator Configuration

Attempted to initialize adjudicator configuration

eventSystem 26044 ADJUDICATOR_FAILOVER_CONFIGURATION

Adjudicator Failover Configuration

Adjudicator Failover configured for instance {3} using this order: {4}

eventSystem 26045 ADJUDICATOR_TIME_CHECK Time Synchronization Processing

Attempted Time Synchronization ; correct time:“{3}”

eventSystem 26046 ADJUDICATOR_FAILOVER Adjudicator Failover Event

Adjudicator Failover Event at node “{3}”




eventSystem 26047 SESSION_MODIFICATION Session Modification

Attempted to modify session

eventSystem 26048 AGENT_REQUEST_HANDLE Agent Request Handle

Attempted to handle an agent request

eventSystem 26049 AGENT_PACKET_RETRIEVE Agent Packet Retrieve

Attempted to retrieve an agent packet “{3}”

eventSystem 26050 AGENT_RESPONSE_SEND Agent Response Send

Attempted to send queued results back to agent

eventSystem 26051 GENERATE_REPORT Generate Report Administrator “{0}” attempted to generate report

eventSystem 26052 AUTHMGR_APS_LIST_UPDATE

Update Agent Protocol Server List

Administrator “{0}” attempted to update agent protocol server list

eventSystem 26053 AUTHMGR_APS_SYNCHRONIZATION

Agent Protocol Server Synchronization

Administrator “{0}” attempted to synchronize agent protocol servers

eventSystem 26054 AUTHMGR_HOST_DELETE Delete Host Administrator “{0}” attempted to delete host

eventSystem 26055 AUTHMGR_APS_DELETE Delete Agent Protocol Server

Administrator “{0}” attempted to delete Agent Protocol Server

eventSystem 26056 AUTHMGR_REALM_PREDELETE_TOKEN_ATTR_DELETE

Delete Predeleted Token Attributes

Administrator “{0}” attempted to delete attributes for predeleted token

eventSystem 26057 AUTHMGR_REALM_PREDELETE_TOKEN_DELETE

Delete Predeleted Realm Token

Administrator “{0}” attempted to delete token for predeleted instance




eventSystem 26058 AUTHMGR_REALM_PREDELETE_HOST_DELETE

Delete Predeleted Realm Host

Administrator “{0}” attempted to delete host of predeleted Realm

eventSystem 26059 AUTHMGR_REALM_PREDELETE_AGENT_DELETE

Delete Predeleted Realm Agent

Administrator “{0}” attempted to delete agent of predeleted Realm

eventSystem 26060 AUTHMGR_SD_PREDELETE_VALIDATION

Validate Predelete Administrator “{0}” attempted to validate predeleted security domain properties

eventSystem 26061 CTKIP_SERVICE_PROCESS_REQUEST

CTKIP Service Process Request

Attempted to process CTKIP request

eventSystem 26062 AUTHMGR_REALM_ADD Add Realm Administrator “{0}” attempted to add realm

eventSystem 26063 OA_SERVER_START Offline Authentication Service Startup

Attempted to start the offline authentication service

eventSystem 26064 APS_SERVER_START Start Agent Protocol Server

Attempted to start the agent protocol server

eventSystem 26065 AUTHMGR_SERVER_STARTUP

Start UDP Server Attempted to start the UDP server

eventSystem 26066 AUTHMGR_AGENT_LINK_APSLIST

Link Agent With Agent Protocol Server List

Administrator “{0}” attempted to link agent with agent protocol server list

eventSystem 26067 EXECUTE_SCRIPT Execute Script Attempted to execute script

eventSystem 26068 TCP_SERVER_STARTUP Started TCP Server

u201c{3}” started on port -- “{4}” “{5}”




eventSystem 26069 TCP_SERVER_SHUTDOWN Shutdown TCP Server

u201c{3}” is shutting down on port -- “{4}”

eventSystem 26070 UDP_SERVER_STARTUP Started UDP Server

u201c{3}” started on port -- “{4}”

eventSystem 26071 UDP_SERVER_SHUTDOWN Shutdown UDP Server

u201c{3}” is shutting down on port -- “{4}”

eventSystem 26072 ADJUDICATOR_SERVICE_STARTUP

Started Adjudicator Service

Adjudicator service started with {3} nodes

eventSystem 26073 ADJUDICATOR_SERVICE_SHUTDOWN

Shutdown Adjudicator Service

Adjudicator service is shutting down

eventSystem 26074 SQLPLUS_COMMAND Execute SQL*Plus Command

Attempted to execute a SQL*Plus command

eventSystem 26075 TRUSTED_USER_GROUP_CREATE

Create a trusted user group

Attempted to create a trusted user group

eventSystem 26076 TRUSTED_USER_GROUP_READ

Look up a trusted user group

Attempted to look up a trusted user group

eventSystem 26077 TRUSTED_USER_GROUP_UPDATE

Update a trusted user group

Attempted to update a trusted user group

eventSystem 26078 TRUSTED_USER_GROUP_DELETE

Delete a trusted user group

Attempted to delete a trusted user group

eventSystem 26079 SYS_REMOTE_PRINCIPAL_CREATE

Create a remote principal

Attempted to create a remote principal

eventSystem 26080 SYS_REMOTE_PRINCIPAL_READ

Look up a remote principal

Attempted to look up a remote principal




eventSystem 26081 SYS_REMOTE_PRINCIPAL_UPDATE

Update a remote principal

Attempted to update a remote principal

eventSystem 26082 SYS_REMOTE_PRINCIPAL_DELETE

Delete a remote principal

Attempted to delete a remote principal

eventSystem 26083 AUTHMGR_TRUST_PREDELETE_VALIDATION

Validate Predelete Administrator “{0}” attempted to validate predeleted trust properties

eventSystem 26085 CREATE_AM_PRINCIPAL Create AM Principal

Attempted to create AM Principal for Principal with “{1}”.

eventSystem 26086 LOCATE_SMS_AUTHENTICATOR

Locate On-Demand Authenticator

Attempted to locate On-Demand Authenticator for On-Demand-enabled Principal “{1}”.

eventSystem 26087 LOCATE_SMS_AUTHENTICATOR_COUNT

Locate On-Demand Authenticator Count

Attempted to locate On-Demand Authenticator Count.

eventSystem 26088 DISPATCH_MESSAGE Dispatch message Attempted to dispatch a message

eventSystem 26089 MESSAGE_PROCESSOR_START

Start Message Processor

Attempted to start the message processor: “{4}”

eventSystem 26090 MESSAGE_PROCESSOR_STOP

Stop Message Processor

Attempted to stop the message processor: “{4}”

eventSystem 26091 MESSAGE_PROCESSOR_DROP_MESSAGE

Message Processor Drop Message

Dropped message: “{4}”




eventSystem 26092 TRANSMIT_TXT_MSG_SMTP SMTP Transmission

Attempted to transmit text message via SMTP plugin

eventSystem 26093 TRANSMIT_TXT_MSG_SMS SMS Transmission

Attempted to transmit text message to “{3}” via “{4}” SMS plugin

eventSystem 26094 LOOKUP_AUTH_METHOD Authentication Method Lookup

Attempted to locate authentication method data

eventSystem 26095 MESSAGE_HANDLER_HANDLE_MESSAGE

Message Handler Handle Message

Attempted to handle message: “{4}”

eventSystem 26096 REFRESH_TRANSMISSION_PLUGINS

Refresh Droppable Transmission Plugins

Attempted to refresh droppable transmission plugins

eventSystem 26097 AM_ENABLE_PRINCIPAL_FOR_SMS

Enabled Principal for On-Demand Authentication

Attempted to enable principal for On-Demand Authentication

eventSystem 26098 AM_DISABLE_PRINCIPAL_FOR_SMS

Disabled Principal for On-Demand Authentication

Attempted to disable principal for On-Demand Authentication

eventSystem 26099 AM_UPDATE_SMS_FOR_PRINCIPAL

Updated On-Demand Authentication Attributes for Principal

Attempted to update On-Demand Authentication for principal

eventSystem 26100 AM_SEARCH_SMS_AUTHENTICATORS

Searched for On-Demand Authentication Attributes for Principals

Attempted to search On-Demand Authentication Attributes for principals




eventSystem 26101 CLEANUP_EXPIRED_AUTHENTICATORS_JOB

Cleanup Expired On-Demand Authenticators Batch Job

Batch job cleaned up expired On-Demand authenticators. Total number of deleted authenticators:

eventSystem 26102 SMS_CLICKATELL_API_CONNECTION_KEEP_ALIVE

SMS Clickatell API connection keep-alive

Attempted to keep alive the connection to the Clickatell API

eventSystem 26103 AM_UPDATE_SMS_CONFIGURATION

Update On-Demand Configuration

Attempted to update the On-Demand Configuration

eventSystem 26104 CLEANUP_EXPIRED_AUTHENTICATORS_JOB_FAILURE

Cleanup Expired On-Demand Authenticators Batch Job

Unexpected exception while attempting to clean up On-Demand authenticators. Skipping authenticator for principal “{1}”.

eventSystem 26105 SMS_CLICKATELL_SSL_INITIALIZATION_FAILURE

Initialize Clickatell plugin

Failure while initializing SSL connection to Clickatell. Message transmissions may fail.

eventSystem 26106 ADJUDICATOR_REHOMING User Home Node rebalance processing

Attempted User Home Node rebalance processing

eventSystem 26107 ADJUDICATOR_INSTANCE_CONFIGURATION

Adjudicator Instance configuration data processing

Adjudicator Instance \u201c{3}\u201d configuration data procesing attempted




eventSystem 26108 ON_DEMAND_LOGIN_FAILURE

On-Demand authentication processing

Unexpected error occured while processing On-Demand authentication attempt for principal \u201c{3}\u201d

eventSystem 26109 HEALTH_MONITOR_STARTUP_FAILURE

Database health monitor startup

Major error occured while starting up database health monitor. Agent failover will not work correctly.

eventSystem 26110 SDCONF_GENERATE_FAILURE

Generate agent configuration file

Unable to locate primary server. Rebalancing contact lists may resolve this issue.

eventSystem 26111 OC_RESTORE_BACKUP Restore system from backup via OC

Operations Console administrator “{0}” attempted to restore {7} from a backup. Location: “{3}” ; version: {4}

eventSystem 26112 OC_CONFIG_BACKUP_RESTORE

Configure backup and restore via OC

Operations Console administrator “{0}” attempted to configure backup and restore

eventSystem 26113 OC_CREATE_BACKUP Create backup via OC

Operations Console administrator “{0}” attempted to create a backup at “{3}”




eventSystem 26114 OC_LIST_BACKUPS List backups via OC

Operations Console administrator “{0}” attempted to list all backups

eventSystem 26115 OC_CONFIGURE_UPDATES Configure updates via OC

Operations Console administrator “{0}” attempted to configure updates

eventSystem 26116 OC_MANUAL_SCAN_UPDATES

Scan updates via OC

Operations Console administrator “{0}” attempted to scan for updates

eventSystem 26117 OC_LIST_UPDATES List updates via OC

Operations Console administrator “{0}” attempted to list updates

eventSystem 26118 OC_DOWNLOAD_RELEASE_NOTES

Download release notes via OC

Operations Console administrator “{0}” attempted to download release notes

eventSystem 26119 OC_APPLY_UPDATES Apply updates via OC

Operations Console administrator “{0}” attempted to apply updates

eventSystem 26120 OC_LIST_UPDATE_ROLLBACK_LOG_FILES

List update or rollback log files via OC

Operations Console administrator “{0}” attempted to list update or rollback log files




eventSystem 26121 OC_LIST_ROLLBACK List available rollbacks via OC

Operations Console administrator “{0}” attempted to list available rollbacks

eventSystem 26122 OC_CONFIGURE_SSH Configure SSH via OC

Operations Console administrator “{0}” attempted to configure SSH

eventSystem 26123 OC_CONFIG_SYSTEM_NETWORK_SETTING

Configure system network settings via OC

Operations Console administrator “{0}” attempted to configure system network settings

eventSystem 26124 OC_LIST_NIC List existing NICs via OC

Operations Console administrator “{0}” attempted to list existing NICs

eventSystem 26125 OC_CONFIGURE_PRI_NIC Configure primary NIC via OC

Operations Console administrator “{0}” attempted to configure primary NIC

eventSystem 26126 OC_SNMP_CONFIG Configure SNMP via OC

Operations Console administrator “{0}” attempted to configure SNMP

eventSystem 26127 OC_DOWNLOAD_MIB_FILE Download MIB file via OC

Operations Console administrator “{0}” attempted to download MIB file




eventSystem 26128 OC_CONFIGURE_LOGGING Configure logging via OC

Operations Console administrator “{0}” attempted to configure logging

eventSystem 26129 OC_LIST_APP_SYS_LOGS List appliance or system logs via OC

Operations Console administrator “{0}” attempted to list appliance or system logs

eventSystem 26130 OC_DOWNLOAD_APP_SYS_LOGS

Download appliance or system logs via OC

Operations Console administrator “{0}” attempted to download appliance or system logs

eventSystem 26131 OC_DOWNLOAD_UPDATE_LOG_FILE

Download update log file via OC

Operations Console administrator “{0}” attempted to download update log file

eventSystem 26132 OC_DELETE_UPDATE_LOG_FILE

Delete update log file via OC

Operations Console administrator “{0}” attempted to delete update log file

eventSystem 26133 OC_DOWNLOAD_ROLLBACK_LOG_FILE

Download rollback log file via OC

Operations Console administrator “{0}” attempted to download rollback log file




eventSystem 26134 OC_DELETE_ROLLBACK_LOG_FILE

Delete rollback log file via OC

Operations Console administrator “{0}” attempted to delete rollback log file

eventSystem 26135 OC_PERFORM_ROLLBACK Perform rollback via OC

Operations Console administrator “{0}” attempted to rollback

eventSystem 26136 OC_REBOOT_APPLIANCE Reboot appliance via OC

Operations Console administrator “{0}” attempted to reboot appliance

eventSystem 26137 OC_CONFIGURE_SEC_NIC Configure secondary NIC via OC

Operations Console administrator “{0}” attempted to configure secondary NIC

eventSystem 26138 OC_DELETE_RADIUS_SERVER

Delete RADIUS server via OC

Operations Console administrator “{0}” attempted to delete RADIUS server with Super Admin credentials of “{3}”.

eventSystem 26139 OC_STOP_RADIUS_SERVER Stop RADIUS server via OC

Operations Console administrator “{0}” attempted to stop RADIUS server with Super Admin credentials of “{3}”.




eventSystem 26140 OC_EDIT_DICT_RADIUS_SERVER

Edit RADIUS dictionary file

Operations Console administrator “{0}” attempted to edit RADIUS server dictionary file “{4}” with Super Admin credentials of “{3}”.

eventSystem 26141 OC_START_RADIUS_SERVER Start RADIUS server

Operations Console administrator “{0}” attempted to start RADIUS server with Super Admin credentials of “{3}”.

eventSystem 26142 OC_PROMOTE_RADIUS_SERVER

Promote replica RADIUS server

Operations Console administrator “{0}” attempted to promote RADIUS server with Super Admin credentials of “{3}”.

eventSystem 26143 OC_LIST_DICT_RADIUS_SERVER

List RADIUS server dictionary files

Operations Console administrator “{0}” attempted to list RADIUS server dictionaries with Super Admin credentials of “{3}”.




eventSystem 26144 OC_LIST_CONFIG_RADIUS_SERVER

List RADIUS configuration files

Operations Console administrator “{0}” attempted to list RADIUS server configuration files with Super Admin credentials of “{3}”.

eventSystem 26145 OC_EDIT_CONFIG_RADIUS_SERVER

Edit RADIUS server configuration file

Operations Console administrator “{0}” attempted to edit RADIUS server configuration file “{4}” with Super Admin credentials of “{3}”.

eventSystem 26146 OC_RADIUS_TRUSTED_ROOT_CERTS_REP

Enable Disable trusted root certificate for replication

Operations Console administrator “{0}” attempted to “{4}” trusted root certificate for replication with Super Admin credentials of “{3}”.

eventSystem 26147 OC_RADIUS_LIST_TRUSTED_ROOT_CERTS

List RADIUS server trusted root certificates

Operations Console administrator “{0}” attempted to list trusted root certificates with Super Admin credentials of “{3}”.




eventSystem 26148 OC_RADIUS_ADD_TRUSTED_ROOT_CERT

Add trusted root certificate

Operations Console administrator “{0}” attempted to add trusted root certificate with Super Admin credentials of “{3}”.

eventSystem 26149 OC_RADIUS_REPLACE_SERVER_CERT

Replace RADIUS server certificate

Operations Console administrator “{0}” attempted to replace RADIUS server certificate with Super Admin credentials of “{3}”.

eventSystem 26150 OC_RADIUS_DELETE_TRUSTED_CERT

Delete RADIUS trusted root certificate

Operations Console administrator “{0}” attempted to delete RADIUS server trusted certificate with Super Admin credentials of “{3}”.

eventSystem 26151 CREATE_BACKUP Create Backup The system attempted to create a backup.

eventSystem 26155 RBA_LOAD_INTEGRATION_SCRIPT_TEMPLATE

Load RBA integration script template

The system tried to load the RBA integration script template located at “{3}”

eventSystem 26156 START_RADIUS_REPLICATION_TIMER

Start RADIUS replication timer

System is starting the RADIUS replication timer




eventSystem 26157 STOP_RADIUS_REPLICATION_TIMER

Stop RADIUS replication timer

System is stopping the RADIUS replication timer

eventSystem 26158 MODIFY_RADIUS_REPLICATION_TIMER

Modify settings for RADIUS replication timer

System is modifying the RADIUS replication timer settings

eventSystem 26159 DISABLE_REPLICATION_FOR_RADIUS_SERVER

Disabling replication for a RADIUS server is no longer supported.

Administrator “{0}” attempted to disable replication for a RADIUS server

eventSystem 26160 OC_SSH_UPDATE Update SSH state using the OC

Operations Console administrator “{0}” attempted to update SSH state to “{3}”.

eventSystem 26161 DELETE_AGED_BACKUP Delete aged backup file

Backup Scheduler attempted to delete an aged backup at “{3}”

eventSystem 26162 OC_SCHEDULE_BACKUP_SKIPPED

Skipped Scheduled backup

Scheduled backup is skipped due to another system maintenance task is in progress

eventSystem 26163 OC_SCHEDULE_BACKUP Schedule backup via OC

Operations Console administrator “{0}” attempted to schedule a backup

eventSystem 26164 OC_SCHEDULE_CREATE_BACKUP

Create backup via OC scheduled job

Operations Console Backup Scheduler Job attempted to create a backup at “{3}”




eventSystem 26165 INSTANCE_HOST_REFRESH Instance Host Entry Refresh on Application Startup

Attempted to refresh the instance host entry and synchronize server lists

eventSystem 26166 AUTOMATIC_RADIUS_SERVER_CONFIG

Automatic RADIUS Server Configuration

Attempted to automatically configure the RADIUS Server for the Instance “{0}”

eventSystem 26167 OC_DELETE_BACKUP_FILE Delete backup file via OC

Operations Console administrator “{0}” attempted to delete a backup at “{3}”

eventSystem 26168 OC_EDIT_HOSTS_FILE Edit Appliance Hosts file

Operations Console administrator “{0}” attempted to edit the Appliance OS hosts file with Super Admin credentials of “{3}”.

eventSystem 26169 OC_NSLOOKUP Execute Name Server LookUp Command

Operations Console administrator “{0}” attempted to execute nslookup.

eventSystem 26170 OC_OS_PASSWORD_CHANGE Change the Operating System User Password

Operations Console administrator “{0}” attempted to change the operating system user pasword.




eventSystem 26171 OC_ENABLE_SSH Enable SSH state using the OC

Operations Console administrator “{0}” attempted to enable SSH.

eventSystem 26172 OC_DISABLE_SSH Disable SSH state using the OC

Operations Console administrator “{0}” attempted to disable SSH.

eventSystem 26173 AM_WEBTIER_PACK Pack latest Web Tier Configuration

Pack latest Web Tier Configuration Version {0}

eventSystem 26174 AM_WEBTIER_DOWNLOAD Download latest Web Tier Configuration

Download latest Web Tier Configuration Version: {0} ; data index: {1}

eventSystem 26175 AUTHMGR_UPDATE_FIREWALL_RADIUS_PORTS

Update Firewall on RADIUS Server Port Change

Attempted to update the firewall rules after a RADIUS Server port change.

eventSystem 26176 AUTHMGR_UPDATE_FIREWALL_APS

Update Firewall on Authentication Services Port Change

Attempted to update the firewall rules after authentication services port change.

eventSystem 26177 AUTHMGR_UPDATE_FIREWALL_XREALM

Update Firewall on Legacy Trusted Realm Port Change

Attempted to update the firewall rules after a legacy trusted realm port change.




eventSystem 26178 OC_RESTART_RADIUS_SERVER

Restart RADIUS server

Operations Console administrator “{0}” attempted to restart RADIUS server with Super Admin credentials of “{3}”.

eventSystem 26179 OC_ADD_RADIUS_DICTIONARY

Add a new RADIUS dictionary file

Operations Console administrator “{0}” attempted to add a new RADIUS dictionary “{4}” with Super Admin credentials of “{3}”.

eventSystem 26180 OC_OVERWRITE_RADIUS_DICTIONARY

Overwrite an existing RADIUS dictionary file

Operations Console administrator “{0}” attempted to overwrite an existing RADIUS dictionary “{4}” with Super Admin credentials of “{3}”.

eventSystem 26181 AUTHMGR_CHECK_TRUSTS_BEFORE_UPDATE_FIREWALL_XREALM

Check the existing trusts for updating the firewall rules

Check the existing trusts before updating the firewall rules on a legacy trusted realm port change.

eventSystem 26182 AUTOMATIC_REALM_CERTIFICATES_REMOVAL

Automatic REALM Certificates removal on hostname change

Attempted to remove realm certificates after hostname change to “{0}”

eventSystem 26183 AM_SYSTEM_START_REPLICA_ATTACH

Start Replica Attach

Attempted to start attaching the replica “{3}”




eventSystem 26184 AM_GET_DEPLOYMENT_CONFIG

Get Deployment Configuration

Attempted to get deployment configuration for the replica “{3}”

eventSystem 26185 OC_CERT_SIGNING_REQEUST Create Cert Signing Request

Operations Console administrator “{0}” attempted to create a certificate signing request. Key alias: “{3}”

eventSystem 36001 UCM_SEND_MAIL Mail send event key.

eventSystem 36022 UCM_LICENSE_CHECK License Check.

eventSystem 36025 UCM_ARCHIVE_REQUEST Archive UCM request action.

Administator “{4}” attempted to “{3}” UCM request using the archive ucm request utility.

eventSystem 36028 UPDATE_UCM_REQUEST Update UCM Request

Administator attempted to update (approve/distribute/reject/cancel) UCM request.



Documents

RSA Authentication Manager 8.0 Troubleshooting Guide