Changing the Password or Username for the App Control Service Account and IIS Identity
search cancel

Changing the Password or Username for the App Control Service Account and IIS Identity

book

Article ID: 286800

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

Update the password associated with the Carbon Black Service Account in Windows Services and IIS.

Environment

  • App Control Server: All Supported Versions
  • Microsoft Windows Server: All Supported Versions

Resolution

  1. Make the necessary adjustments to the Service Account (such as in Active Directory):
  2. If an Agent is installed, temporarily turn off Tamper Protection.
  3. Log in to the application server hosting the Console as the Carbon Black Service Account.
  4. Update the Windows Services for App Control:
    1. Open Services (Start > Run > services.msc > Ok)
    2. Stop the following services:
      • App Control Reporter Service
      • App Control Server Service
    3. For each: Right click > Properties > Log On
    4. Enter the updated credentials and click OK.
  5. Update the Application Pools in IIS:
    NOTE: If the Identity for the AppPools is set to "ApplicationPoolIdentity" NO change is needed.
    1. Open IIS Manager > expand the server name > select Application Pools:
    2. Note each of the following Application Pools:
      • DefaultAppPool
      • AppCDownloads (Server 8.10.2+)
    3. Right click each Application Pool > Advanced Settings > Process Model
    4. Edit the Identity and update the credentials.
    5. Use an administrative command prompt to issue the command:
      iisreset
  6. Start the services from Step 4.

Additional Information

  • If you have an App Control Agent installed, but do not know the Global CLI Password you will need to make the changes to the Services & IIS Identity via Safe Mode.
  • In some instances the temporary files in "C:\Users\SERVICEACCOUNT\AppData\Local\Temp" will need to be deleted after the password update is complete, and while the services are stopped.