Corporate policy might require that passwords be changed on a regular schedule. Passwords can be changed using either the Sentinel Control Center or standard database utilities. After changing a password, some Sentinel components need to be updated to use the new password.
This procedure can be used to change the password for the Sentinel Administrator account (admin) or any other Sentinel Control Center or Web interface user.
Log in to the Sentinel Control Center as the Sentinel Administrator or another user with User Management permissions.
For more information on logging into the SCC, see Accessing the Novell Sentinel Web Interface
in the Sentinel 6.1 Rapid Deployment User Guide.
Click
. The User Manager window displays.Double-click admin user account or right-click User Details.
Modify the account password and confirm password. Click
.No additional updates are needed in the Sentinel system.
Changing the passwords for system users, such as dbauser, rptuser, or appuser, must be done using standard database utilities; it cannot be done by using the Sentinel Control Center. Some of these passwords are encrypted and stored in configuration files and used in normal Sentinel operations. These configuration files must be updated after the passwords are changed. System user passwords can be updated using standard database utilities.
IMPORTANT:Changing password for the PostgreSQL user is not supported in Sentinel 6.1 Rapid Deployment.
Open the <install_directory>/3rdparty/postgresql/data/pg_hba.conf file and add the following line at the top:
local all trust
Restart PostgreSQL by using the following command:
<install_directory>/bin/sentinel.sh stopdb
<install_directory>/bin/sentinel.sh startdb
Export <install_directory>/3rdparty/postgresql/lib directory to LD_LIBRARY_PATH
Specify the following command to connect to PostgreSQL with <install_directory>/3rdparty/postgresql/bin/psql
psql -d <database_name> -U dbauser
Specify the following to change the dbauser password:
ALTER USER <user name> WITH PASSWORD ‘<new_password>’;
Replace <username> with the user name such as dbauser, appuser, or rptuser.
ALTER USER dbuser WITH PASSWORD ‘<new_password>’;
Specify any of the following to exit psql:
Ctrl-D
\q
Open the pg_hba.conf file and remove the following line:
local all trust
Restart PostgreSQL by using the following command:
<install_directory>/bin/sentinel.sh stopdb
<install_directory>/bin/sentinel.sh startdb
If the appuser or dbauser password is changed, several Sentinel configuration files must be updated with an encrypted form of the new password or the system cannot access the database. You can use the dbconfig utility to add the modified password in the encrypted form to the appropriate files. To use the dbconfig utility run the following command:
dbconfig -a <install_directory>/config -u <username> -p <password> -h <server_ip_address/hostname> -t <port_number> -d <database_name> -s <database_type>
The dbconfig utility is used to set the database connection related information in the config file/s under <install_directory>/config directory such as username, password, database name, port, hostname.
NOTE:dbconfig -help displays the list of all the options that you can use with the dbconfig command.
If the dbauser password is changed, the Sentinel Data Manager connection properties must be updated in order for any automated Sentinel Data Manager command line tasks to continue to work (if applicable in your environment). These password change procedures are only necessary if extra Sentinel Data Manager jobs have been created and scheduled or the Sentinel Data Manager command line interface is used.
Run the following command and use the new dbauser password for the <dbPass> parameter. For more information, see Sentinel Data Manager
in Sentinel 6.1 Rapid Deployment User Guide.
sdm -action saveConnection -server <postgresql> -host <hostIp/hostName> -port <portnum> -database <databaseName/SID> [-driverProps <propertiesFile>] {-user <dbUser> -password <dbPass>} -connectFile <filenameToSaveConnection>