Recover Lost or Locked-Out Policy Manager account on Dockerized Gateway
book
Article ID: 100443
calendar_today
Updated On:
Products
CA API Gateway
Issue/Introduction
The CA API Gateway was installed on a Docker container which was started with the docker-compose parameters: SSG_ADMIN_USERNAME: "<UserName>" SSG_ADMIN_PASSWORD: "<Password>" However, when trying to login using Policy Manager with the above username and password error shows username or password error.
Use these instructions if your Policy Manager admin account has been lost or is locked out on your CA API Gateway installed on the Docker platform
Environment
CA API Gateway 9.3 in docker environment.
Cause
On database level the ssg database has admin as the username. Running following command
mysql> select * from internal_user \G;
showed name: admin enabled: 1
mysql> select * from logon_info \G;
state: EXCEED_ATTEMPT fail_count: 6 login: admin
On further attempt to login through policy manager will increase the fail_count. You can also use this fix if you have simply forgotten or lost your Policy Manager admin account
Resolution
Reset the admin password and in cases where the password is either Locked or Unknown
1. Find the mysql container id using docker ps 2. Access the container - docker exec -it <id> bash -l 3. Go to mysql prompt 4.Run UPDATE logon_info set state='ACTIVE', fail_count=0 where login='admin'; 5. Run UPDATE internal_user SET password='$6$S7Z3HcudYNsObgs8$SjwZ3xtCkSjXOK2vHfOVEg2dJES3cgvtIUdHbEN/KdCBXoI6uuPSbxTEwcH.av6lpcb1p6Lu.gFeIX04FBxiJ.' WHERE name='admin'; 6. Attempt to log in via the CA API Gateway Policy Manager with the original username and the password set to "password". 7. Reset the current administrative credentials to a secure password.