Watch4net|M&R - Changing the standard passwords for greater security
Article ID: 315878
Updated On:
Products
VMware
Issue/Introduction
To provide information on what steps are required to change the default out of the box passwords in Watch4net | M&R for greater security (admin/changeme,root/watch4net, etc)
Symptoms:
Steps on how to change the default passwords in Watch4net / M&R
Symptoms:
Steps on how to change the default passwords in Watch4net / M&R
Environment
VMware Smart Assurance - Watch4Net/M&R
Resolution
What is required to change the default out of the box passwords in Watch4net | M&R for greater security (admin/changeme,root/watch4net, etc)
1. For changing the MySQL database password for apg/root users (default = watch4net) see KB https://kb.vmware.com/s/article/304674
After the database password is changed, the following configuration files need to be updated:
For changes to the above configuration files to take effect you need to restart any and all instances of the following modules:
tomcat
task-scheduler
backend
event-processing-manager
2. For changing the webservice-gateway admin password (default = changeme, used by centralized-management, task scheduler, tomcat connection to x100 datastore), edit the password in /opt/APG/Tools/Webservice-Gateway/Default/conf/users
Here is the full list of files that needs to be updated afterwards:
Note - there can be multiple instances of many of these files.
For the above to take effect you need to restart any and all instances of the following modules:
tomcat
task-scheduler
event-processing-manager
3. Changing application passwords (admin,datacentre,network,storage-operator,ws-user) is done via the Administration GUI. (Administration -> Users -> user).
The passwords for these users are stored in the master database, no update of config files is required afterwards as these are only user accounts.
1. For changing the MySQL database password for apg/root users (default = watch4net) see KB https://kb.vmware.com/s/article/304674
After the database password is changed, the following configuration files need to be updated:
| Module | User | File |
| tomcat | apg | <BASEDIR>/Web-Servers/Tomcat/<instance>/conf/server.xml |
| frontend-report-generator | apg | <BASEDIR>/Tools/Frontend-Report-Generator/<instance>/conf/report-generation-config.xml |
| frontend-search | apg | <BASEDIR>/Tools/Frontend-Search/<instance>/conf/frontend-search.xml |
| administration-tool | apg | <BASEDIR>/Tools/Administration-Tool/<instance>/conf/master-accessor-service-conf.xml |
| topology-cli | apg | <BASEDIR>/Tools/Topology/Default/<instance>/topology-refresh-config.xml |
| whatif-scenario-cli | apg | <BASEDIR>/Tools/WhatIf-Scenario-CLI/<instance>/conf/whatif-scenario-cli-conf.xml |
| backend | apg | <BASEDIR>/Backends/APG-Backend/<instance>/conf/mysql.xml |
| mysql-maintenance-tool | root | <BASEDIR>/Tools/MySQL-Maintenance-Tool/<instance>/conf/mysql-root-mysql.xml |
| mysql-maintenance-tool | root | <BASEDIR>/Tools/MySQL-Maintenance-Tool/<instance>/conf/mysql-root-apg.xml |
| generic-live-writer | apg | <BASEDIR>/Event-Processing/Generic-Live-Writer/<instance>/conf/generic-live-writer.xml |
| event-log-processor | apg | <BASEDIR>/Event-Processing/Event-Log-Processor/<instance>/misc/ds-event-log.xml |
Note: There can be multiple instances of many of these files.
For changes to the above configuration files to take effect you need to restart any and all instances of the following modules:
tomcat
task-scheduler
backend
event-processing-manager
2. For changing the webservice-gateway admin password (default = changeme, used by centralized-management, task scheduler, tomcat connection to x100 datastore), edit the password in /opt/APG/Tools/Webservice-Gateway/Default/conf/users
Here is the full list of files that needs to be updated afterwards:
| Module | User | File |
| task-scheduler | admin | <BASEDIR>/Custom/WebApps-Resources/<instance>/scheduling/scheduling-servers.xml |
| tomcat | admin | <BASEDIR>/Web-Servers/Tomcat/<instance>/conf/server.xml |
| frontend-report-generator | admin | <BASEDIR>/Tools/Frontend-Report-Generator/<instance>/conf/report-generation-config.xml |
| datastore-writer | admin | <BASEDIR>/Event-Processing/APG-Datastore-Writer/<instance>/conf/datastore-writer.xml |
Note - there can be multiple instances of many of these files.
For the above to take effect you need to restart any and all instances of the following modules:
tomcat
task-scheduler
event-processing-manager
3. Changing application passwords (admin,datacentre,network,storage-operator,ws-user) is done via the Administration GUI. (Administration -> Users -> user).
The passwords for these users are stored in the master database, no update of config files is required afterwards as these are only user accounts.
Additional Information
1. <BASEDIR> = The Watch4net/M&R/ Installation directory.
- Default on Linux is /opt/APG
- Defult on Windows is C:\Program Files\APG
2. To restart a Watch4net/M&R/ service:
On Linux: <BASEDIR>/bin/manage-modules.sh service restart <module> <instance>
On Windows: <BASEDIR>\bin\manage-modules.cmd service restart <module> <instance>
2. To restart a Watch4net/M&R/ service:
On Linux: <BASEDIR>/bin/manage-modules.sh service restart <module> <instance>
On Windows: <BASEDIR>\bin\manage-modules.cmd service restart <module> <instance>
Feedback
Yes
No
Powered by
