CA Data Protection - We need to change passwords for database users.

Document ID : KB000015804
Last Modified Date : 14/02/2018
Show Technical Document Details
Question:

We would like to safely change administrator password for CA DLP and such.

Answer:

To change the primary user password on the Database these steps be followed. 

1.First change the password for your database primary user, it must be changed here before making the changes to your gateways or CMS. Update the Wgn_User password under the global SQL -> Security -> Logins folder . 
Depending on If you upgraded to a newer version you may also need to update the individual gateways DB users as well. Those users will look like WgnUser_<Machine_Name> (If server is ABC-123 , then the account is WgnUser_ABC-123) and will be seen under the that servers database in the logins folder. 

2. Update the Gateways with the new users password. use the command below from the %wgnInstallDir%\system folder on each individual gateway to update the DB password. 

wgninfra -exec wigan/schema/Schema UpdateDBPassword "<DBpassword>" 

"<DBpassword>" is where you will put in your new password, so if your new password is Safe your command would look wgninfra -exec wigan/schema/Schema UpdateDBPassword "Safe". Once you have updated your password you will need to restart the Infrastructure in services. The system will cache your password so these changes will not take effect till after you restart the service. One the service is restarted you can check the activity logs to see if there are any DB connection errors. The logs folder is found in the data directory (%wgndatadir%\logs). 

3. Update the DB password in the CMS. Log into the Admin Console then use Tools -> Set Database Primary User Password option. As before the system will cache your password so these changes will not take effect till after you restart the service. One the service is restarted you can check the activity logs to see if there are any DB connection errors. The logs folder is found in the data directory (%wgndatadir%\logs). 



How to change Search User 

WGNSEARCH database account is automatically associated with the default database security model, Management Group (Standard). But if you enable additional security models on your CMS, each will require its own, unique Search User. 
1) To change the wgnsearch user will first need to do the change the password in the Database. This user is found in database under security -> Logins. 
2) Once changed in the Database the security model user accounts we would need to updated on the CMS in the Admin Console->Tools -> Manage Security Models. The default security model is Management Group (Standard). Select the security model you wish to update and select modify -> set credentials. 


How to change the Reports User 

External reporting applications (such as BusinessObjects Enterprise) use this database account to connect to the Data Warehouse and CMS database. You specify the Reporting User if you enable data warehousing when installing a CMS. 
1) To change the WGNREPORTS Password you must first change the user in the Database. This user is found in database under security -> Logins. 
2) Update the DB password in the CMS. Log into the Admin Console then use Tools -> Set Reporting Users Credentials option.