Absent Member.. JasonCantrell Absent Member..
Absent Member..
196 views

[OO Support Tip] Changing the database (DB) username and/or password for Central & Scheduler

Problem:

The need arises for the Database (DB) username and/or password to be changed within the Operations Orchestration (OO) application (namely Central and Scheduler) because of respective changes to the DB due to security implications.

 

Solution:

 

NOTE: Windows variables such as %ICONCLUDE_HOME% in Linux are referred to by $ICONCLUDE_HOME. Paths in Windows use the "\" but in Linux they use the "/". The Linux scrpit is called "change-db-props.sh". The commands below need to be amended accordingly depending on the Operating System.

*** Changing the DB username/password for Central:

1. Open a command prompt

2. cd %ICONCLUDE_HOME%\Central\tools

3. change-db-props.bat new_username new_password

Output similar to the following should be observed:

 

 INFO [main] (11:25:14,530) com.iconclude.dharma.commons.security.DharmaEncrypterBase -         RSA/ECB/PKCS1PADDING
 INFO [main] (11:25:14,530) com.iconclude.dharma.commons.security.DharmaEncrypterBase -         PBEWITHSHA1ANDRC2_40
 INFO [main] (11:25:14,530) com.iconclude.dharma.commons.security.DharmaAESEncrypter - Instantiating AES encryptor...
 INFO [main] (11:25:14,686) com.iconclude.dharma.commons.security.DharmaBasicEncrypter - Instantiating DES encryptor...
 INFO [main] (11:25:14,686) com.iconclude.dharma.commons.security.DharmaBasicEncrypter - Instantiating DES encryptor...
 INFO [main] (11:25:14,686) com.iconclude.dharma.commons.security.DharmaAESEncrypter - Instantiating AES encryptor...

These mean the changes went through correctly.

Sometimes the following error is observed and the script exits:

log4j:WARN No appenders could be found for logger (com.iconclude.dharma.commons.security.DharmaEncrypterBase).
log4j:WARN Please initialize the log4j system properly.

To fix these the following should be done:

1. Edit change-db-props.bat (on Linux edit change-db-props.sh)

2. The SET ICONCLUDE_CLASSPATH line should have %ICONCLUDE_HOME%\jetty\resources; added at the end, semicolon included so it looks like:

SET ICONCLUDE_CLASSPATH=-classpath "%ICONCLUDE_HOME%\Central\tools\lib\secure-props.jar;%ICONCLUDE_HOME%\Central\WEB-INF\lib\dharma-commons.jar;%ICONCLUDE_HOME%\Central\WEB-INF\lib\commons-cli-1.0.jar;%ICONCLUDE_HOME%\Central\thirdparty\ant.jar;%ICONCLUDE_HOME%\Central\WEB-INF\lib\log4j-1.2.8.jar;%ICONCLUDE_HOME%\jetty\resources;"

3. On Linux, the variable is called "cp" and is set at line 66 of the script. Add :$ICONCLUDE_HOME/jetty/resources at the end (including the colon) so it looks like:

cp="$ICONCLUDE_HOME/tools/secure-props.jar:$ICONCLUDE_HOME/Central/WEB-INF/lib/dharma-commons.jar:$ICONCLUDE_HOME/Central/WEB-INF/lib/commons-cli-1.0.jar:$ICONCLUDE_HOME/Central/thirdparty/ant.jar:$ICONCLUDE_HOME/Central/WEB-INF/lib/log4j-1.2.8.jar:$ICONCLUDE_HOME/jetty/resources"

4. Save & exit.

5. Re-run the script.

 

*** Changing the DB username/password for Scheduler.

1. Open a command prompt.

2. Run the change-db-props.bat file to set up the environment.

3. Execute the following line (we use -d instead -u and -p because we are not changing the username/password directly, we are changing the properties referring to them):

"%ICONCLUDE_HOME%\jre1.6\bin\java" %ICONCLUDE_CLASSPATH% %ICONCLUDE_HOME_DEF% com.iconclude.dharma.tools.SecureProps -f %ICONCLUDE_HOME%\Scheduler\conf\secured.properties -d org.quartz.dataSource.schedulerDS.user=new_username -d org.quartz.dataSource.schedulerDS.password=new_password

On Linux first run:

1. . /installation/path/of/OO/.iconcluderc

e.g. . /opt/OO/Central-9.00/.iconcluderc

export cp="$ICONCLUDE_HOME/tools/secure-props.jar:$ICONCLUDE_HOME/Central/WEB-INF/lib/dharma-commons.jar:$ICONCLUDE_HOME/Central/WEB-INF/lib/commons-cli-1.0.jar:$ICONCLUDE_HOME/Central/thirdparty/ant.jar:$ICONCLUDE_HOME/Central/WEB-INF/lib/log4j-1.2.8.jar:$ICONCLUDE_HOME/jetty/resources"

"$ICONCLUDE_HOME/jre1.6/bin/java" -classpath $cp com.iconclude.dharma.tools.SecureProps -f $ICONCLUDE_HOME/Scheduler/conf/secured.properties -d org.quartz.dataSource.schedulerDS.user=new_username -d org.quartz.dataSource.schedulerDS.password=new_password

2. Restart Scheduler & Central.

 

Direct link to the document:

http://support.openview.hp.com/selfsolve/document/KM1041212

HP Support
If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.
Labels (3)
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.