X
  • Sun
    September 15, 2009

Change Amadmin Password On File Based AM7.1

Guest Author
Last week, I provided the steps to change amadmin password on AM7.1. Someone had question on how to do it on file based AM7.1. The java code PasswordHashEncryption.java is still required to encrypt and hash the new password. Actually you don't need the whole AMConfig.properties, only one property am.encryption.pwd. You can pass the value as jvm option. For instance
$JAVA_HOME/bin/java -Dam.encryption.pwd=sZ6rTm4Dp1xp6MuXpwyQ3h0RsdcMK5eQ -cp .:/opt/sun/identity/lib/am_sdk.jar:/opt/sun/identity/lib/am_services.jar:/opt/sun/private/share/lib/jss4.jar PasswordHashEncryption password
09/15/2009 06:25:29:082 PM PDT: Thread[main,5,main]
Crypt.static{}: Encryptor class= com.iplanet.services.util.JSSEncryption
09/15/2009 06:25:29:429 PM PDT: Thread[main,5,main]
Intilize CryptoManager in JSSEncryption.java
09/15/2009 06:25:29:432 PM PDT: Thread[main,5,main]
ocspCheck value in JSSEncryption : false
09/15/2009 06:25:29:527 PM PDT: Thread[main,5,main]
Crypt.static{}: Encryptor class= com.iplanet.services.util.JSSEncryption
09/15/2009 06:25:29:529 PM PDT: Thread[main,5,main]
Crypt.static{}: Encryptor class= com.iplanet.services.util.JSSEncryption
AQICLqdIM0wqkuAPYEdaOxfZvVAAAtsgBoW+OH7J1cVz6itmtRb7KTB4CQ==
If you add "com.iplanet.services.debug.directory=/whatever", you can get rid off the debug messages on std output.
Note, on file based AM7.1, you don't see amadmin user under subjects tab. So you only need to change the user entry file. You can first go to directory /amflatfiledir/amserver/sms and grep "u=amAdmin,ou=users,ou=default,ou=GlobalConfig,ou=1.0,ou=sunIdentityRepositoryService,ou=services". Once found, edit the file by replace the value of "userPassword" with the new one. Note "=" must be escaped, for instance
userPassword\\=AQICLqdIM0wqkuAPYEdaOxfZvVAAAtsgBoW+OH7J1cVz6itmtRb7KTB4CQ\\=\\=
Last step is the same, restarting AM server.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.