Recover Lost or Locked-Out Policy Manager account on Dockerized Gateway
search cancel

Recover Lost or Locked-Out Policy Manager account on Dockerized Gateway

book

Article ID: 100443

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

The CA API Gateway was installed on a Docker container which was started with the docker-compose parameters: SSG_ADMIN_USERNAME: "<UserName>" SSG_ADMIN_PASSWORD: "<Password>" However, when trying to login using Policy Manager with the above username and password error shows username or password error.

Use these instructions if your Policy Manager admin account has been lost or is locked out on your CA API Gateway installed on the Docker platform

Environment

CA API Gateway 9.3 in docker environment.

Cause

On database level the ssg database has admin as the username. Running following command 

mysql> select * from internal_user \G;

showed name: admin
enabled: 1

mysql> select * from logon_info \G;

state: EXCEED_ATTEMPT
fail_count: 6
login: admin

On further attempt to login through policy manager will increase the fail_count. You can also use this fix if you have simply forgotten or lost your Policy Manager admin account

Resolution

Reset the admin password and in cases where the password is either Locked or Unknown 

1. Find the mysql container id using docker ps
2. Access the container -  docker exec -it <id> bash -l
3. Go to mysql prompt
4.Run UPDATE logon_info set state='ACTIVE', fail_count=0 where login='admin'; 
5. Run UPDATE internal_user SET password='$6$S7Z3HcudYNsObgs8$SjwZ3xtCkSjXOK2vHfOVEg2dJES3cgvtIUdHbEN/KdCBXoI6uuPSbxTEwcH.av6lpcb1p6Lu.gFeIX04FBxiJ.' WHERE name='admin'; 
6. Attempt to log in via the CA API Gateway Policy Manager with the original username and the password set to "password".
7. Reset the current administrative credentials to a secure password.