How to recreate the user canonprv if it is deleted from the OS by mistake.

Document ID : KB000021385
Last Modified Date : 14/02/2018
Show Technical Document Details

Introduction:

Operating System Installation Management (OSIM) requires a local user "canonprv" on every boot server.

This user is used when OSIM is configured in share mode. The BootImage uses "canonprv" to connect to the OS Image share and copy the OS install files to the target PC.

The password for this user is controlled by the Boot ServerĀ and is changed daily. The password is encrypted and stored in the comstore.

Only the boot server can change the password.

If the user is deleted by accident, and then recreated, control of the password needs to be handed back to OSIM before the functionality is restored.

This document describes how to recreate the "canonprv" user and hand control of the password back to OSIM

Instructions:

Use the following procedure to recreate the canonprv user

  1. sdbsswitch -t

  2. create a new canonprv user in Windows with password C@nonprv1 (ensure you uncheck all boxes)

  3. cd to "C:\Program Files\CA\DSM\osimips\os-template\updates\winpe30\i386\ca-osim"

  4. run the command
    canet crypt canonprv C@nonprv1

  5. Copy the encrypted output

  6. run the command
    ccnfcmda -cmd getparametervalue -ps itrm/scalability_server/osim/managedpc/server -pn logonpasswd

  7. run the command
    ccnfcmda -cmd setparametervalue -ps itrm/scalability_server/osim/managedpc/server -pn logonpasswd -v <password>
    where <password> = the encrypted password copied in step 5

  8. run the command
    ccnfcmda -cmd getparametervalue -ps itrm/scalability_server/osim/managedpc/server -pn logonpasswd
    and verify that the value was updated

  9. sdbsswitch -s

After this the shares will have been recreated with the correct permissions for canonprv, the password for canonprv will also have been changed. This can be verified by running the getparametervalue again. The boot server automatically changes the password for security reasons.