How to change the password of the AD user for the ENTM System Manager or how to sync the AD user's password change in ENTM

Document ID : KB000017478
Last Modified Date : 14/02/2018

Description:

If you have to change the password of the Active Directory user account mapped to the ENTM System Manager, follow these steps:

Solution:



  • Click the "Directories" link
  • Click the "ac-dir" link
  • Scroll down the page and click the "Export..." button
  • Save the "ac-dir.xml" file, then open it in an editor, e.g. notepad / vi
  • On the ENTM Server, open a cmd / sh prompt and set JAVA_HOME

    Windows: set JAVA_HOME=C:\jdk1.7.0

    Linux: export JAVA_HOME=/usr/java/jdk1.7.0_21

  • Encrypt the new password from clear text to AES ciphertext
    https://support.ca.com/cadocs/0/CA%20ControlMinder%2012%208-ENU/Bookshelf_Files/HTML/idocs/index.htm?toc.htm?1358853.html
    e.g.
    # ./pwdtools.sh -FIPS -p "newPassword" -key /opt/jboss-4.2.3.GA/server/default/deploy/IdentityMinder.ear/config/com/netegrity/config/keys/FIPSkey.dat

  • In the "ac-dir.xml" file put the new password (and new user)
    ...
    <Credentials user="CN= ... ">{AES}: ... ==</Credentials>
    ...

  • Amend the line in the "ac-dir.xml" file so that it is exactly like this:
    ...
    <Container objectclass="top,organizationalUnit" attribute="ou" value=""/>
    ...

  • Save the modified "ac-dir.xml" file and return to your

    CA Identity Minder Management Console
    Home : Directories : ac-dir

  • Scroll down the page and click the "Update..." button
  • Select and load the "ac-dir.xml" file

You should now be able to log on to ENTM with the new user / password.
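
Before the "Update..." step, the edited "ac-dir.xml" can be checked so that a clear-text password or a changed Container line is caught before upload. The script below is an added example, not CA's own tooling; it assumes the text after the `{AES}:` prefix is base64, and the `<Directory>` wrapper element and user DN in its constructed samples are hypothetical.

```python
import base64
import binascii
import xml.etree.ElementTree as ET

AES_PREFIX = "{AES}:"
# Attribute values of the Container line exactly as the article gives them.
EXPECTED_CONTAINER = {"objectclass": "top,organizationalUnit", "attribute": "ou", "value": ""}


def _named(root, name):
    """All elements with this local name, ignoring any XML namespace."""
    return [e for e in root.iter() if e.tag.rsplit("}", 1)[-1] == name]


def check_directory_xml(xml_text):
    """Return the problems found in an edited ac-dir.xml; an empty list means OK."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    problems = []
    creds = _named(root, "Credentials")
    if len(creds) != 1:
        problems.append(f"expected one Credentials element, found {len(creds)}")
    for cred in creds:
        value = (cred.text or "").strip()
        if not (cred.get("user") or "").strip():
            problems.append("Credentials has no user attribute")
        if not value.startswith(AES_PREFIX):
            problems.append("Credentials value lacks the {AES}: prefix (clear text?)")
            continue
        try:  # assumption: the text after the prefix is base64
            blob = base64.b64decode(value[len(AES_PREFIX):].strip(), validate=True)
        except (binascii.Error, ValueError):
            blob = b""
        if not blob:
            problems.append("Credentials ciphertext is empty or not valid base64")
    containers = _named(root, "Container")
    if not containers:
        problems.append("no Container element found")
    for cont in containers:
        for attr, want in EXPECTED_CONTAINER.items():
            if cont.get(attr) != want:
                problems.append(f'Container {attr}="{cont.get(attr)}", expected "{want}"')
    return problems


# Constructed samples; the <Directory> wrapper and the user DN are hypothetical.
_BLOB = base64.b64encode(b"constructed sample bytes").decode()
GOOD = (f'<Directory><Credentials user="CN=svc,DC=example,DC=com">{AES_PREFIX}{_BLOB}'
        '</Credentials><Container objectclass="top,organizationalUnit" '
        'attribute="ou" value=""/></Directory>')
BAD = GOOD.replace(AES_PREFIX + _BLOB, "newPassword").replace('value=""', 'value="users"')
```

Call `check_directory_xml(open("ac-dir.xml", encoding="utf-8").read())` on the saved file and upload only when it returns an empty list.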

File Attachments:
TEC617027.zip