Policy Server GuidesPolicy Server Management GuideConfiguring and Managing Encryption Keys › Reset the Policy Store Encryption Key

Previous Topic: Multiple Policy Stores with Separate Key Stores

Next Topic: Configure Agent Key Generation

Reset the Policy Store Encryption Key

To reset the policy store Encryption Key

  1. Export your existing policy store content in clear text.
  2. Run smldapsetup remove to clear the policy store content and SiteMinder schema.
  3. Run "smreg -key new_encryption_key" to reset the Encryption Key.
  4. Reboot the machine.
  5. Load the Policy Server Management Console and retype the Admin password for the Directory Server.
  6. Open a command prompt.
  7. Run "smldapsetup ldgen -fany_filename_to_store_new_schema -v".
    The LDAP instance is correctly identified.
  8. Run "smldapsetup ldmod -fprevious_filename -v"
    LDAP is modified with the schema file.
  9. Run "smreg -su SiteMinder_admin_password" to reset SiteMinder Administrator password.
  10. Run "smobjimport -ismpolicy.smdif file -dsiteminder -wpassword -v" to import SiteMinder policy store base contents to LDAP.
  11. Run "smobjimport -ithe_original_exported_policy_export_file.smdif> -dsiteminder -wpassword -v" to restore the original content of policy store.

Important! Before running a SiteMinder utility or executable on Windows Server 2008, open the command line window with Administrator permissions. Open the command line window this way, even if your account has Administrator privileges. For more information, see the release notes for your SiteMinder component.