Siebel CRM Siebel Security Guide Siebel Innovation Pack 2015 E24814-01 |
|
Previous |
Next |
View PDF |
Before you run the Database Configuration Wizard to configure the Siebel database on the RDBMS, you must create a Siebel administrator account, either manually (on IBM DB2) or using the grantusr.sql script. The default user ID for the Siebel administrator account is SADMIN (case-sensitive). You must also create a password for the account. For information about setting up this account for initial use, see the Siebel Installation Guide for the operating system you are using.
Note: The password you assign to the administrator account cannot be the same as the user name of the account. |
To increase the security of your Siebel implementation, it is recommended that you change the Siebel administrator password at regular intervals as described in the following procedure.
To change the Siebel administrator password on UNIX
End all client sessions and shut down the Siebel Server. Use the following command to shut down the server:
SIEBSRVR_ROOT/bin/stop_server all
Note: In order to stop all Siebel Servers in the Siebel Enterprise, you must run this command on all Siebel Server computers. |
Change the Siebel administrator's database account password using either the Server Manager command or the Siebel user interface.
The following steps describe how to change the password using the Server Manager command:
Log in at the Enterprise level:
srvrmgr -g SiebelGatewayName -e EnterpriseServerName -u UserName -p Password
At the Server Manager prompt, enter the following command:
change enterprise param Password=NewPassword
Change the password in the database.
For more information, refer to your RDBMS documentation on changing passwords.
Change the password in the service (svc) file on each Siebel Server in your Siebel Enterprise.
Caution: Do not edit the svc file manually; doing so can corrupt the file. Instead, make a backup copy of the existing svc file, then re-create the svc file with the new password using the siebctl utility. |
The following procedure describes how to re-create the svc file with a new administrator database account password:
Navigate to the $siebsrvr/sys
directory and rename the existing svc file. The svc file name is in a format similar to the following:
svc.siebsrvr.siebel:siebsrvrname
where siebsrvrname is the name of the Siebel Server.
In the $siebsrvr/bin
directory, run the following command to re-create the svc file with the new Siebel administrator password:
siebctl -r ''$Siebsrvr'' -S siebsrvr -i EnterpriseName:SiebsrvrName -a -g "-g GatewayServerHostName:gtwyport -e EnterpriseName -s SiebsrvrName -u sadmin" -e NewPassword -L ENU
where:
''$Siebsrvr'' is the installation directory of the Siebel Server
EnterpriseName is the name of your Siebel Enterprise
SiebsrvrName
is the name of the Siebel Server
GatewayServerHostName is the name of the Gateway Name Server host
gtwyport
is the port number of the Gateway Name Server
sadmin
is the administrator user ID
NewPassword
is the new Siebel administrator password (in plaintext). The siebctl utility encrypts the password.
For example:
siebctl -r "/data/siebel/sia8x/siebsrvr" -S siebsrvr -i TRN_ENTP:TRSIEBSRV2 -a -g "-g HBGNOVOAS04:2320 -e TRN_ENTP -s TRSIEBSRV2 -u sadmin" -e passwordnewxyz -L ENU
The siebctl utility re-creates the svc file with the new encrypted password value.
Stop and restart the Siebel Gateway Name Server using the following commands:
$SIEBEL_ROOT/SiebelGatewayName/bin/stop_ns $SIEBEL_ROOT/SiebelGatewayName/bin/start_ns
Restart all Siebel Servers using the following command:
$SIEBEL_ROOT/ServerName/bin/start_server all
Perform this step for each applicable Siebel Server.
Connect to the Server Manager and verify the password change:
srvrmgr -g SiebelGatewayName -e EnterpriseServerName -s SiebelServerName -u SADMIN -p NewPassword
You can now log in as SADMIN with the new password.