UNIX v2 endpoint's administrator account password expired and you cannot modify the endpoint.
search cancel

UNIX v2 endpoint's administrator account password expired and you cannot modify the endpoint.

book

Article ID: 5996

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal

Issue/Introduction

After password is expired (eg. after 90 days for RHEL and AIX) for the administrator, the password is changed in the UNIX server. This change causes functions that refer to the endpoint to fail like Explore and Correlation. 

Environment

Applicable to all versions of Identity Manager

Resolution

1. You could try to run an etautil command on the Provisioning Server to reset the password.
For example:

etautil -u USER -p PWD -DYN update 'eTNamespaceName=UNIX v2' eTDYNDirectory eTDYNDirectoryName='My_Endpoint_Name' to eTDYNPassword='New_Endpoint_Password' 


The above does not work on all the endpoint types (eg. HPUX)
If the etautil command does not work use an ldap browser such as SOFTERRA LDAP Browser or JXplorer Ldap Browser

2. Use an ldapbrowser to connect to the Provisioning Repository router (i.e. data later) which is running on the Provisioning Server machine and listening on port 20391 using:

Bind DN = "eTDSAContainerName=DSAs,eTNamespaceName=CommonObjects,dc=etadb"
with the installation password and then navigate to the object

Navigate to etadb > im > endpoint type (Unix v2) > endpoint name
"eTDYNDirectoryName=My_Endpoint_Name,eTNamespaceName=UNIX v2,dc=im,dc=etadb"

and enter the clear-text new password into the attribute eTDYNPassword


After this try the etautil command from step 1 again to re-enter the password value so that we re-save the password as an encrypted value.

Powered by Wolken Software