eiamadmin password reset in EEM without using an LDAP UI tool like JXPlorer
search cancel

eiamadmin password reset in EEM without using an LDAP UI tool like JXPlorer

book

Article ID: 236878

calendar_today

Updated On:

Products

Autosys Workload Automation

Issue/Introduction

EEM Documentation shows a way to use some LDAP browsing tools like JXPlorer, to connect to CA Directory and reset the password for eiamadmin 

If such a tool is not available, this document provides a way to reset eiamadmin password in EEM.

Environment

EEM 12.x

Embedded Entitlements Manager 12.x

Resolution

  1. Stop iGateway + dxserver  (Stop them via  /etc/init.d   or Windows Services Control Panel)

  2. Make a recursive folder backup of CA Directory (cp -rp /opt/CA/SharedComponents/CADirectory )

  3. Login as unix user dsa to perform below steps (su - dsa)

  4. Backup existing Directory database:

    dxdumpdb -f saved_file.ldif  <dsa_name>

    ## Note:  dsa_name is normally  itechpoz or iTechPoz  (DXSERVER/data/itechpoz/*.db   that file usually indicates the dsa_name the above command needs) 

  5.  Make a copy of the backed up database
            cp saved_file.ldif modified_file.ldif 

  6. Lets say the eiamadmin's new password is  the string NewPassword,  below command gives an encrypted version of the string NewPassword,  which will be used in the next step

    dxpassword -P SHA512 NewPassword

  7.  This command generates something like: 

    {SHA512}diQwBbzAvqCdbAQJtvLjKoBQ8x8SO3l2eOmDAboYIv3+rBDd+igbOenrX1pO3bJxucnOXeeP
    MRZ4gG5M9VeNgg==

  8.  Join the two lines to make it look like one line 
    {SHA512}diQwBbzAvqCdbAQJtvLjKoBQ8x8SO3l2eOmDAboYIv3+rBDd+igbOenrX1pO3bJxucnOXeePMRZ4gG5M9VeNgg==

  9. Edit the modified_file.ldif and look for the string   dn: cn=EiamAdmin,cn=Admins,cn=Entities,cn=iTechPoz

  10. For this user's section modify the userPassword and pzPasswordDigest entry values to the string from single line Step#7  above  

    userPassword: {SHA512}diQwBbzAvqCdbAQJtvLjKoBQ8x8SO3l2eOmDAboYIv3+rBDd+igbOenrX1pO3bJxucnOXeePMRZ4gG5M9VeNgg==

    pzPasswordDigest: {SHA512}diQwBbzAvqCdbAQJtvLjKoBQ8x8SO3l2eOmDAboYIv3+rBDd+igbOenrX1pO3bJxucnOXeePMRZ4gG5M9VeNgg==

  11. Save the file

  12. Load this LDIF file back  
    dxloaddb  <dsa_name> modified_file.ldif
    Note: change the dsa_name as indicated far above

  13. Start CA Directory, iGateway    (start them via  /etc/init.d   or Windows Services Control Panel)

  14. Login to EEM as eiamadmin / NewPassword

  15. Upon login, reset the password to something else using the reset password option
Powered by Wolken Software