Managing the default Policy Manager administrator account

Document ID : KB000042844
Last Modified Date : 07/03/2018
Show Technical Document Details
Introduction:

The local Policy Manager administrator account is used to ensure administrative access to the Gateway via the Policy Manager is available even if an external identity provider that provides user authentication and authorization is disabled or unavailable. It may be necessary to reset this password if the credentials are lost. This article will describe this process.

Instructions:

The administrative credentials for a user authorized to access the CA API Gateway Policy Manager can be changed by any other user assigned to the Administrator role within the API Gateway. If another administrative user is not available then the credentials can be reset from the privileged shell of the API Gateway appliance as the root user. To reset the credentials in this manner, do the following:

  1. Connect to the API Gateway via a serial cable, direct console access, or SSH

  2. Log in as the ssgconfig user

  3. Select Option #3: Use a privileged shell (root)

  4. Execute the following command: /opt/SecureSpan/Appliance/bin/resetAdmin.sh dbUser dbPassword

NOTE: The values dbUser and dbPassword should be replaced with the username and password of the privileged MySQL user. The privileged Linux user account is not used for this purpose

  1. Provide the API Gateway database name

  2. Provide the username of the administrative account to be unlocked

The password for the account in step #6 will be changed to password. It is recommended that this password be changed immediately upon logging in and ensuring the replacement password conforms to the Gateway password policy.

Additional Information: