In CA ControlMinder r12.0 SP1, passwords were encrypted using the RC2 encryption method. In CA ControlMinder r12.5 SP1,the password encryption method was changed to AES. Therefore, passwords that were encrypted using RC2 encryption method cannot work in newer versions of CA ControlMinder. To solve this problem, you encrypt the existing passwords in AES after you upgrade from CA ControlMinder r12.0SP1.
Follow these steps:
update IM_DIR_CONNECTION set password=null where connection_name='java:/userstore’;
For each entry in the tlbusers table, change the password with the encrypted passwords that you generate.
DELETE FROM connection WHERE connection_name='con1';
Note:For more information about the DMS connection settings, see the Online Help.
Example: Encrypt passwords using the pwdtools utility
This example shows you how to encrypt a user password in AES encryption mode using the pwdtools utility and set the encrypted password in the Enterprise Management Server database.
ACServerInstallDir/IAM_Suite/Access_Control/tools/PasswordTool/
SET JAVA_HOME=C:\jdk1.5.0
pwdtools -FIPS -p <"password"> -k JBOSS_HOME\server\default\deploy\IdentityMinder.ear\config\com\netegrity\config\keys\FIPSkey.dat
The encrypted password is displayed. Copy the password to a clipboard.
update tblusers set password = '<encrypted password>' where loginid='<username>';
You have set the account password with an encrypted password.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|