Resetting the EEM PozAdmin Password
search cancel

Resetting the EEM PozAdmin Password

book

Article ID: 410883

calendar_today

Updated On:

Products

Autosys Workload Automation

Issue/Introduction

This document provides a step-by-step guide on how to reset the password for the PozAdmin user in EEM. PozAdmin is an internal EEM user ID specifically used by iGateway to establish a connection with DXserver. Resetting this password involves updating both the DXserver database and the iGateway configuration.

Environment

* Product: Embedded Entitlements Manager (EEM)

* Components: iGateway, DXserver

* Operating System: Linux/Unix (based on provided file paths)

Resolution


Resetting the PozAdmin password requires a multi-step process involving stopping EEM components, updating the password in the DXserver database, and subsequently updating the iGateway configuration to reflect the new password. 

A. Stop EEM Components:
1. As the root user, stop iGateway: 
 /opt/CA/SharedComponents/iTechnology/S99igateway stop 
2. Switch to the dsa user: 
 su - dsa
3. Stop all DXserver instances: 
 dxserver stop all
 
B. Update DXserver PozAdmin Password:
1. Export the existing DXserver database for the itechpoz store: 
 dxdumpdb -f orig_itechpoz.ldif itechpoz
2. Make a backup copy of the original DXserver database dump file:
 cp orig_itechpoz.ldif updated_itechpoz.ldif 
3. Generate a new SHA512 hashed password using the dxpassword command. 
 Replace <NewPassword> with your desired clear-text password. 
 dxpassword -P SHA512 <NewPassword>
 Example Output: {SHA512}abcdefg
 *Important: Copy the entire output string, starting from {SHA512} to the end of the line. 
4. Edit the updated_itechpoz.ldif file:
 vi updated_itechpoz.ldif
5. Search for the Distinguished Name (DN) entry for PozAdmin: dn: cn=PozAdmin,cn=Admins,cn=Entities,cn=iTechPoz
6. Within that section, locate the userPassword: entry, which will appear similar to: userPassword: {SHA512}.....
7. Replace the existing password value with the new SHA512 hashed password generated in step B.3. 
**Note:** The original password in the file might span multiple lines. Ensure you delete the entire existing password value before pasting the new one. 
8. Save the updated_itechpoz.ldif file. 
9. Load the updated DXserver database: 
 dxloaddb itechpoz updated_itechpoz.ldif
10. Start DXserver:
 dxserver start all

C. Update iGateway Configuration with New Password: 
1. Switch back to the root user. 
2. Set the necessary environment variables:
 export IGW_LOC=/opt/CA/SharedComponents/iTechnology 
 export EIAM_HOME=/opt/CA/SharedComponents/EmbeddedEntitlementsManager 
 export JAVA_HOME=$EIAM_HOME/jre 
 export PATH=$EIAM_HOME/jre/bin:$IGW_LOC:$PATH
3. Change directory to the EEM bin folder:
 cd $EIAM_HOME/bin 
4. Run the eiam-clustersetup.jar utility to "munge" your new clear-text PozAdmin password. 
 Use the *exact same clear-text password* you chose in step B.3. 
 java -jar eiam-clustersetup.jar -m <the_new_pozadmin_password> 
 Example Output: {MUNGE2}abcdefg
 **Important:** Copy the entire output string, starting from {MUNGE2} to the end of the line. 
5. Change directory to the iGateway configuration folder: 
 cd $EIAM_HOME/config/server
6. Make a backup copy of the server.xml file: 
 cp server.xml server.xml.orig-pozadmin
7. Edit the server.xml file: 
 vi server.xml 
8. Locate the <pozadmin> section, which will look similar to this:
 <pozadmin>
 <dn>cn=PozAdmin,cn=Admins,cn=Entities,cn=iTechPoz</dn> 
 <password>{MUNGE2}abcdefg</password> 
 </pozadmin>
9. Replace the existing password value with the munged password generated in step C.4. 
10. Save the server.xml file. 
11. Start iGateway:
 /opt/CA/SharedComponents/iTechnology/S99igateway start

D. Verification:
1. Access the EEM URL in a web browser. 
2. Log in and confirm that you can view more applications in the application drop-down menu than just "Global." This indicates that iGateway has successfully reconnected to DXserver using the newly updated PozAdmin password. 

Powered by Wolken Software