We upgraded from 10.7.2 to 10.8.3.1, and the IAM service is up and running. IAM is configured with LDAP. When we try to log in as LDAP users, authentication fails.
In the User Federation section, we noticed that the LDAP password is incorrect. We updated it with the correct password and saved the changes. When we rebuild/reinstall the IAM component using our Ansible scripts, the LDAP changes are reverted.
The way IAM stores the configured LDAP password has changed. The LDAP password is now stored as a p12 file at the following location:
<USER_HOME>/.devtest/certificates/devtest-keystore.p12
After you update the password in IAM, copy this file to a persistent path where files are not overwritten by the installation.
Add the following to iam.properties to reference this keystore path for the LDAP password:
iam.vault.keystore=<Location_of_p12_file>
iam.vault.password={cry}lf657dbd06c54c1590145b50f8f7252288365de0685431f6b3fab6a7d3b4e30349f1ca78d2286351bd9a5
Restart the service after making the changes. Apply the same changes in Ansible so that they persist across the next installation.
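
The copy-and-configure steps above as a shell sketch that an Ansible task could call. This is an added example, not vendor-supplied code: the function names and all paths passed to it are assumptions, and it leaves the iam.vault.password line exactly as it already is in iam.properties.

```shell
#!/bin/sh
# Added example (hypothetical helper names). Copies the keystore to a
# persistent path with owner-only permissions and sets iam.vault.keystore.

# set_prop FILE KEY VALUE: replace the first KEY= line, drop duplicates,
# or append the line if the key is absent. Other lines are kept in order.
set_prop() {
    file=$1 key=$2 value=$3
    tmp=$(mktemp "${file}.XXXXXX") || return 1
    K="$key" V="$value" awk '
        index($0, ENVIRON["K"] "=") == 1 {
            if (!done) print ENVIRON["K"] "=" ENVIRON["V"]
            done = 1; next
        }
        { print }
        END { if (!done) print ENVIRON["K"] "=" ENVIRON["V"] }
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Write back through the original file so its owner and mode are kept.
    cat "$tmp" > "$file" || { rm -f "$tmp"; return 1; }
    rm -f "$tmp"
}

# persist_iam_keystore SRC_P12 DEST_P12 IAM_PROPERTIES
persist_iam_keystore() {
    src=$1 dest=$2 props=$3
    [ -f "$src" ]   || { echo "keystore not found: $src" >&2; return 1; }
    [ -f "$props" ] || { echo "properties file not found: $props" >&2; return 1; }
    mkdir -p "$(dirname "$dest")" || return 1
    # The keystore holds the LDAP password: create the copy owner-only.
    ( umask 077 && cp "$src" "$dest" ) || return 1
    chmod 600 "$dest" || return 1
    # Confirm the copy is byte-identical before pointing IAM at it.
    cmp -s "$src" "$dest" || { echo "copy verification failed" >&2; return 1; }
    set_prop "$props" iam.vault.keystore "$dest"
}

# Example call (destination and properties paths are assumptions):
#   persist_iam_keystore "$HOME/.devtest/certificates/devtest-keystore.p12" \
#       /opt/persistent/iam/devtest-keystore.p12 /path/to/iam.properties
if [ "$#" -eq 3 ]; then persist_iam_keystore "$@"; fi
```

Running it a second time leaves a single iam.vault.keystore line, so it is safe to call on every installation run.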