Unable to access EEM to update the LDAP bind users password after the password was changed in LDAP
search cancel

Unable to access EEM to update the LDAP bind users password after the password was changed in LDAP

book

Article ID: 203697

calendar_today

Updated On:

Products

CA Workload Automation AE - Business Agents (AutoSys) CA Workload Automation AE - System Agent (AutoSys) CA Workload Automation AE - Scheduler (AutoSys) Workload Automation Agent CA Workload Automation AE

Issue/Introduction

The Password for connecting EEM to LDAP got changed.
When I try to login into EEM to update, it is unresponsive.

 

Environment

Autosys 12.x

Component: CA Workload Automation

Cause

The Password stored in EEM to make the connection to the LDAP is no longer valid.

Resolution

1) Logon to the EEM server host with administrative privileges.
Linux
root

Windows
administrator

2) Change to the below directory using the cd command.
Linux
/opt/CA/SharedComponents/EmbeddedEntitlementsManager/config/server

Windows:
C:\Program Files\CA\SharedComponents\EmbeddedEntitlementsManager\config\server

3) Make a backup copy of the server.xml file
Linux:
cp server.xml server.xml.backup

Windows:
copy server.xml server.xml.backup

(Make a backup of the existing server.xml file as a precaution as it contains your LDAP details.)

4) Edit the server.xml file to update the LDAP password section
Linux
vi server.xml

Windows
Open server.xml with notepad.exe

There you should see your LDAP definition details.
  <userstores>
    <genericldapstore name="myldap">
      <map>Microsoft Active Directory</map>
      <hostname>myldaserver.example.com:389</hostname>
      <basedn>CN=Users,DC=myldaserver.example.com,DC=com</basedn>
      <userdn>CN=AutosysLdapBind,CN=Users,DC=myldaserver.example.com,DC=com</userdn>
      <password>{MUNGE2}PzUHBUpfHlda</password>
      <maxbindconnections>3</maxbindconnections>
      <maxconnections>10</maxconnections>
      <conntimeout>20</conntimeout>
      <requesttimeout>60</requesttimeout>
      <searchretrycount>3</searchretrycount>

5) update the entry with the new encrypted value for the ldap user's password.

NOTE - to get the new string you will run the following:
Linux:
export EIAM_HOME=/opt/CA/SharedComponents/EmbeddedEntitlementsManager
cd /opt/CA/SharedComponents/EmbeddedEntitlementsManager/bin
java -jar eiam-clustersetup.jar -m    <YourNewLDAPBindPasswordValue>

Windows:
Open the Autosys Command prompt
cd C:\Program Files\CA\SharedComponents\EmbeddedEntitlementsManager\bin
java -jar eiam-clustersetup.jar -m    <YourNewLDAPBindPasswordValue>

that should give you a result like this:

Nov 19, 2020 12:22:23 PM IclUtil itechLibInit
INFO: iTechSDK initialized successfully
INFO - munge value : {MUNGE2}ARoAFUhgfyVZUxxYYzz=

You do need to include the {MUNGE2} part as in the tag.
Example :
{MUNGE2}ARoAFUhgfyVZUVxxYYzz=

6) save the file

7) restart igateway
Linux
$IGW_LOC/S99igateway stop
$IGW_LOC/S99igateway start

Windows
Use the services to restart the iGateway service