etaadmin password reset broke IDM and Provisioning communication

Document ID : KB000026280
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

We had a working system with Identity Manager and Provisioning integrated. We used Reset User Password and reset the etaadmin (Provisioning Administrator) password. Now, etaadmin can log into Identity Manager and also can log into Provisioning Manager but the integration of the products is destroyed and we can't provision any user t. Is there anywhere else I am supposed to change the etaadmin's password to re-enable this integration ?

 

Solution:

You should update the new password to the Provisioning directory object definition in the policy store as follows:

- export the directory.xml via the /immanage management console
- use the Password Tool to encrypt your new password (see instructions below)
- paste the newly encrypted password into the directory.xml file
- import the directory.xml file back into the environment via /idmmanage.

To use the password tool you should:
- edit the: CA Identity Manager\Password Tool\pwdtools.bat and uncomment the line...

::SET JAVA_HOME=.... ... > // set the correct JDK path to this variable and save this file.

- Then you run the the utility from command line: pwdtools.bat MyNewPassword - depending on whether FIPS is in use you might have to use different switch
- it will encrypt the password for you so you can copy and paste it to the xml file.