Skip Headers
Oracle® Identity Manager Installation and Configuration Guide for IBM WebSphere Application Server
Release 9.1.0.1
Part Number E14064-04
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Feedback page
Contact Us
Go to previous page
Previous		 Go to next page
Next
View PDF

B Changing the Password of the xelsysadm User

The following sections describe the steps involved in changing the password for the xelsysadm administrative user for Oracle Identity Manager release 9.1.X deployed on IBM Websphere Application Server version 6.1.X.

B.1 Creating a Backup of the WebSphere Configuration and Oracle Identity Manager Database

Oracle recommends that you create a backup of the application server and database before changing the password for the xelsysadm user. Although a complete backup is recommended, the following backup is sufficient for this procedure:

Note:

When you create the backup, make sure that there is no user activity on the Oracle Identity Manager application and Websphere Application Server.

  1. Create a backup of the WebSphere configuration by using WAS_HOME/profiles/PROFILE_NAME/bin/backupConfig.sh or backupConfig.cmd before starting this procedure. Changing password is a complicated process and you would need the WebSphere configuration backup to restore to the previous working state, if anything goes wrong. Refer to IBM documentation for more information on how to use the backupConfig utility. For clustered installation, create backup for all WebSphere profiles.

  2. Create a backup of the database, specifically the USR table for the row where usr_login='XELSYSADM'.

B.2 Changing the Password

To change the password of the xelsysadm user in IBM WebSphere Application Server 6.1.x:

  1. Login to the WebSphere Admin Console and the Oracle Identity Manager Administrative and User Console in two different browser windows. For a clustered installation of Oracle Identity Manager, make sure that all the node agents in XL_CELL are started, including the XL_MODEL_NODE.

  2. Change the password for xelsysadm in the Administrative and USer Console. To do so:

    1. Login to Administrative and User Console as xelsysadm.

    2. Click My Account, and then click Change Password.

    3. Enter old and new passwords, and then click OK to change the password.

      Note:

      For a clustered installation of Oracle Identity Manager, shut down the XL_JMS_CLUSTER and XL_CLUSTER clusters.

  3. Change the password in the WebSphere Admin Console for XLJMSLogin. To do so:

    Note:

    This step is not required if you are using WebSphere MQ for JMS messaging. Default installations of Oracle Identity Manager used WebSphere default JMS implementation.

    1. In the WebSphere Admin Console, click Security, Secure Administration, Applications and Infrastructure.

    2. On the right pane, click Java Authentication and Authorization Service, J2C Authentication Data, XLJMSLogin.

    3. Enter the new password and click OK.

    4. Save the password in the master configuration.

  4. Change the password in the WebSphere Admin Console for standalone custom registry. To do so:

    1. In the WebSphere Admin Console, navigate to Security, Secure Administration, Applications and infrastructure, and Standalone Custom Registry.

    2. Enter the new password.

    3. Enter primary administrative user name as xelsysadm. The following warning message is displayed:

      The administrative user ID does not exist in the user repository.

    4. Ignore the warning and click Save to save the password in the master configuration.

  5. Uninstall applications. To do so:

    1. In the WebSphere Admin Console, navigate to Applications, Enterprise Applications.

    2. Select Xellerate and Nexaweb, and click Uninstall.

    3. Click Save to save the password to the main configuration.

      For a clustered installation of Oracle Identity Manager, click Preferences, and select Synchronize changes with Nodes before saving.

  6. Change the soap-client.properties. To do so, in the WebSphere installation, open the WAS_HOME/PROFILE_NAME/properties/soap.client.props file, and enter the new password for the com.ibm.SOAP.loginPassword property.

    For a clustered installation of Oracle Identity Manager, perform this step for WebSphere installations and profiles on all the nodes that are involved in XL_CELL.

  7. Restart WebSphere Application Server.

    For a clustered installation of Oracle Identity Manager, restart Deployment Manager and Node Manager on all the nodes including XL_MODEL_NODE. Do not start WebSphere Application Servers in XL_CLUSTER and XL_JMS_CLUSTER.

  8. Run the following utility to redeploy Oracle Identity Manager:

    • For UNIX

      OIM_HOME/setup/patch_websphere.sh XELSYSADM_PASSWORD OIM_DB_PASSWORD

    • For Microsoft Windows:

      OIM_HOME/setup/patch_websphere.cmd XELSYSADM_PASSWORD OIM_DB_PASSWORD

    Note:

    Provide the new password for xelsysadm to run the patch.

  9. Restart WebSphere Application Server.

    For a clustered installation of Oracle Application Server, you can shutdown Node Manager on XL_MODEL_NODE. Start WebSphere Application Server in the XL_CLUSTER and XL_JMS_CLUSTER clusters.

  10. Logout of the WebSphere Admin Console and relogin.

B.3 Rolling Back the Password Change

If a problem occurs while changing the password, then it is possible to rollback the changes by using the WAS_HOME/profiles/PROFILE_NAME/bin/restoreConfig.sh or restoreConfig.cmd script. Refer to IBM documentation for more information on how to use this utility.

You must also restore the USR table from the backup. For example, restore the USR table for the row where usr_login='XELSYSADM'.

Go to previous page
Previous		 Go to next page
Next
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Feedback page
Contact Us