[OO Support Tip] System Account passwords lost on publish, update, or import.
Using Operation Orchestration (OO), what is the expected behavior of System Accounts when exporting or publishing them from one repository to another?
The expected behavior when exporting System Accounts varies depending on which version of Operations Orchestration you are using.
Versions 2.X, 7.X and versions 9.X up to and including 9.04: (bold & underline me)
Operations Orchestration was designed to prevent exporting of System Accounts in any manner due to security concerns.
Theoretically anyone could take an exported repository, import it into a fresh OO install and use the System Account to do whatever they wanted to within the privileges granted by the credentials in the System Account.
Confusion arose around this feature due to a defect in a few versions of the 7.x branch where System Accounts would migrate under certain limited circumstances. This was never intended behavior.
Solution: The only solution for versions of Operations Orchestration prior to 9.05 is to re-enter the authentication information in the destination repository.
Version 9.05 and later 9.xx versions:
In versions 9.05 of Operations Orchestration and later, a new configuration flag was introduced giving the Operations Orchestration environment administrator the capability of allowing the exporting of System Accounts. The security concerns are still present, however the need to be able to migrate content in controlled environments was recognized and a solution provided.
Excerpt from OO 9.06 Release Notes:
Preventing System Account Password Reset When Exporting a Repository
Note: The following item was introduced in version 9.05.
By default, when a repository containing system accounts is exported, the password is erased. It is now possible to prevent this from happening by adding the following line to the Central.properties and Studio.properties files:
Repository content is tracked by its unique UUID. If the UUID for the System Account in the target differs from the UUID for the System Account in the source you will encounter failures in publishing the System Account.
Direct link to document here:
If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.