Sometimes there is a need or site policy to change the passwords of the dsaadmin and imadmin users regularly. Follow the steps below.
Release: 14.4, 14.5
Component: CA Identity Manager, Virtual Appliance
To change the User Store password for dsaadmin and imadmin users, perform the given steps:
STEP 1: Change password in UserStore
1. Launch JXplorer.
2. In the Open LDAP/DSML Connection window, enter the following User Store login details and click OK.
* Host: Enter the host name of the Identity Manager where the User Store resides.
* Port: Enter port as 19289.
* Level: Select SSL + User + Password.
* User DN: Enter cn=dsaadmin,ou=im,ou=ca,o=com.
* Password: Enter the old master password of the User Store.
3. In the Server CA Certificate Missing window, select This Session Only.
4. In the left pane of the JXplorer home page, expand im and select dsaadmin.
5. In the right pane, click the Table Editor tab.
6. Double-click the (non-string data) value of the UserPassword attribute type.
7. In the User Password Data window that appears, change the password of the dsaadmin user, select the encryption type as SHA, and click OK.
8. Click Submit.
9. In the left pane of the JXplorer home page, expand im, people, and select imadmin. Next, follow steps 5 to 7 to change the password of the imadmin user. If a single click on Submit does not work, try clicking multiple times.
STEP 2: Update the password in UserStore definition
1. Access Identity Manager Management Console and select Directories > UserStore, click the [Export...] button at the bottom. UserStore.xml will be downloaded.
2. Use the Password tool to encrypt your new password. For example, on a Windows IM machine, launch a DOS prompt and go to C:\Program Files (x86)\CA\Identity Manager\IAM Suite\Identity Manager\tools\PasswordTool directory and run the following command.
pwdtools.bat -JSAFE -p <your new password>
3. Edit downloaded UserStore.xml to set the new encrypted password for imadmin user to access User Store. In my environment, I have edited line 125, i.e.
From
<Credentials user="uid=imadmin,ou=people,ou=im,ou=ca,o=com">{PBES}:HUkQTOZbkIs=</Credentials>
To
<Credentials user="uid=imadmin,ou=people,ou=im,ou=ca,o=com">{PBES}:FR8fyicr45YmhbO5Tkcm9A==</Credentials>
4. Save the UserStore.xml
5. Go back to IM Management Console, go to Directories > UserStore, and click [Update...] button at the bottom. Click [Browse...] to select the updated UserStore.xml and click [Next>>] . You will see a Warning message like below.
click [Finish]
Click [Continue]
Click [Restart Environment]
Now you should be able to log in as imadmin using the new password.
This is done through Jxplorer. For further assistance with Jxplorer or LDAP please contact your LDAP Administrator.