Changing password for EEM internal users in a massive way
search cancel

Changing password for EEM internal users in a massive way

book

Article ID: 245480

calendar_today

Updated On:

Products

CA Service Management - Asset Portfolio Management CA Service Management - Service Desk Manager

Issue/Introduction

The EEM user store has the same)generic password for all accounts and we would like to update the accounts with a strong password.

Is there a method to update an EEM password from a command line or another batch method for this?

Environment

EEM 12.x

 

Resolution

1. Create a template to export with the name users_to_export.xml:

<?xml version="1.0" standalone="yes" ?>
<Safex>
<Attach label="Service Catalog"/>
<Export file="EEMusers_export.xml" globalfolders="n" globalsettings="n" globalusergroups="n" globalusers="y" folders="n" usergroups="n" users="y" calendars="n" policies="n" appobjects="n" maxsearchsize="50000" />
<Detach/>
</Safex>

(In this example we are using label ="Service Catalog" but you could use any other label)

2. Run the following command from the server where EEM is installed

C:\Program Files\CA\SC\EmbeddedEntitlementsManager\bin>safex -l localhost -f EEMusers_export.xml -u eiamadmin -p <password>

EEMusers_export.xml is created and shows something similar to:

<GlobalUser folder="/" name="testuser1">
<UserName>testuser1</UserName>
<PasswordDigest>{SHA512}iQw4MMmysesmGnuKfA1GMDj1PDrX5Vxe2LL+Wov8+u1+Zqonb540ZJBTKbkEOMgDg/MpSua0zzuWKwPnKLbR8w==</PasswordDigest>
<IncorrectLoginCount>5</IncorrectLoginCount>
<PasswordChangeDate>1591309378</PasswordChangeDate>
<IncorrectLoginCount>5</IncorrectLoginCount>
</GlobalUser>

3. Encrypt the new password by running the following command from the server where EEM is installed

C:\Program Files\CA\Directory\dxserver\bin>dxpassword -P SSHA512 newPassword123

(where newPassword123 is the new password)

This generates something similar to:

{SSHA512}oUAhZQEBTcIvwxhZHI1rQmvr9qz6znXL5BPrBvsK2Cs1Z1SOyNDroKUxVMtRBo8GWmX6I0VAwDo6oUy7PuSssV7AIvU=

4. Update EEMusers_export.xml and change

<Add>
<GlobalUser folder="/"

to

<Modify>
<GlobalUser folder="/"

5. Update the password for testuser1 from:

<PasswordDigest>{SHA512}iQw4MMmysesmGnuKfA1GMDj1PDrX5Vxe2LL+Wov8+u1+Zqonb540ZJBTKbkEOMgDg/MpSua0zzuWKwPnKLbR8w==</PasswordDigest>

to 

<PasswordDigest> {SSHA512}oUAhZQEBTcIvwxhZHI1rQmvr9qz6znXL5BPrBvsK2Cs1Z1SOyNDroKUxVMtRBo8GWmX6I0VAwDo6oUy7PuSssV7AIvU=</PasswordDigest>

6. Run the following command from the server where EEM Is installed to import back into EEM:

C:\Program Files\CA\SC\EmbeddedEntitlementsManager\bin>safex -l localhost -f EEMusers_export.xml -u eiamadmin -p <password>

7. Test by logging in with the user into EEM and Broadcom applications (i.e. ITAM, CATALOG)

Powered by Wolken Software