How to change EEM(Embedded Entitlements Manager) Password in WCC (CA Workload Automation) environment.

Document ID : KB000048109
Last Modified Date : 14/02/2018
Show Technical Document Details
  1. Create new user or taking an existing one in EEM, with the application set to WCC<#>, add the user in the scoping policies so they are similar to the current EiamAdmin user. Should only need to update Policy named AdministerObjects, if you have default policies in place.

    * NOTE if you are creating a new user (vs using ldap) you would need to do this on ALL the EEM servers involved. Multi-write mode is for policies ONLY not userids and passwords / user store configurations.

  2. Change the WCC so that it is using the new id/password for eem connections.

    %CA_WCC_INSTALL_LOCATION%\bin\wcc_config.bat -u ejmcommander -p
    <EJMCOMMANDER_PASSWORD> -eemhostname <EEM_HOST_NAME(S)> -eemadmin

    Note: if you need to find out current settings (for example EEM hostname)
    you can do it with this command or to confirm once you changed it:

    %CA_WCC_INSTALL_LOCATION%\bin\wcc_config.bat -u ejmcommander -p


  3. Change autosys so it is using native mode via autosys_secure

  4. Change the EIAMADMIN password via the EEM UI on both/all of the EEM servers as needed for this specific WCC/EEM configuration.
    You might want to reconfirm you can login to EEM with the new password.
    * NOTE - AGAIN ...the ids and passwords are NOT part of the multi-write so you would need to make the change manually on all the EEM servers

  5. Run the again with options such that it would again use eiamadmin to connect but now with the new password.

    %CA_WCC_INSTALL_LOCATION%\bin\wcc_config.bat -u ejmcommander -p
    <EJMCOMMANDER_PASSWORD> -eemhostname <EEM_HOST_NAME(S)> -eemadmin
    eiamadmin -eempassword <NEW_EiamAdmin_PASSWORD>

    Again you can run the wcc_config.bat with the --displayeem option to confirm the change took place and also obviously relogin to wcc to confirm all is well.

  6. run autosys_secure again to toggle autosys back into EEM mode and regenerate the security key/certificate.

    The re-generating of the key would need to be done on each APP SERVER machine.