IBM Content Platform Engine (CPE)

Procedure to Change System User Password in IBM CPE 5.5.1

March 1, 2019

In IBM CPE 5.5.1, users can change the password of the System User via Administration Console for Content Platform Engine (ACCE). The procedure is required if the System User account does NOT change but the password will change. If both the user account and password are changed at the same time, no special process is required in IBM CPE 5.5.1.

Following are the steps to change CPE user’s password:

  • With the CPE running, change the current System User’s password in the LDAP to the desired new value.
ldap_server_windows

Note: In Case Your system user is also admin user and bind in WAS CPE or ICN/ICM JVM profile and you have to perform additional changes in WAS Console.

  • Before Changing password in LDAP, open WAS Console, go to global security settings, federated repositories, AD tab tab like this:
websphere_console_global_security
  • Log onto ACCE using a domain admin account. If the System User is the domain admin, the new password will be used to login.
  • After successful logon, go to Directory Configuration tab and change the user’s password as described:
administration_console_for content_platform_engine_directory_config_tab
  • Navigate to the properties tab for the domain.
  • Edit the System User name, retype the System User name using different case (e.g. all caps, all smalls, just something different).
  • Edit the password to be that of the desired (e.g. the new password of System User) account and Save.
administration_console_for content_platform_engine_properties_tab
  • Verify proper system function. For example, navigate to ACCE to the Workflow system down to the configuration of a component queue. If this is possible, the PE service is able to utilize the System User as expected. Furthermore, if same user is used for Component queues than you have to change its password there as demonstrated here:
filenet_configure_workflow_system
ibm_filenet_component_queue
  • No special procedure is required further. Even you just don’t need to restart CPE enable WAS JVM. But for safe side, you can restart IBM FileNet P8 services. You also need to verify Content Platform Engine (CPE) Health page.

IN IBM CPE 5.5.1, bootstrap user complexity has been removed and its now works as system user instead of bootstrap user. Once you updated to version 5.5.1, it’s no more longer associated to GCD and JNDI bindings.

In case you want to change both user and password following steps will be performed:

  • Create a new user in LDAP.
  • Logon to ACCE, with the previous user name and password.
  • Go to domain properties tab.
  • Retype New user name in any case (lower, uper or mix letter).
  • Retype its newly user’s modified password.
  • Save and close.
  • Verify system functionalities completely.

For more details go to following tech notes:

https://www-01.ibm.com/support/docview.wss?uid=ibm10737163

https://www.ibm.com/support/knowledgecenter/en/SSNW2F_5.5.0/com.ibm.p8.security.doc/p8psh017.htm

You Might Also Like

No Comments

Leave a Reply

error

Subscribe