Guidelines for Changing Passwords

Before changing passwords in your environment, review the following general points:

• For end users, the availability of the Password and Verify Password fields in the Siebel application (User Preferences screen, User Profile view) depends on several factors:

  • For an environment using Lightweight Directory Access Protocol (LDAP) authentication, the underlying security mechanism must allow this functionality. See also Requirements for the LDAP Directory.

    In addition, the Propagate Change parameter must be TRUE for the LDAP security adapter. The default value is TRUE. For Siebel Developer Web Clients, the system preference, SecThickClientExtAuthent, must also be TRUE.

  • For an environment using database authentication, the Database Security Adapter Propagate Change parameter must be TRUE for the database security adapter. The default value is FALSE.

  For more information, see Security Adapter Authentication.

• If you are using a third-party load balancer for Siebel Server load balancing, then make sure load-balancer administration passwords are set. Also make sure that the administrative user interfaces for your load-balancer products are securely protected.

• If you set and change passwords at the Siebel Enterprise level, then the changes are inherited at the component level. However, if you set a password parameter at the component level, then from that point forward, the password can be changed only at the component level. Changing it at the Enterprise level does not cause the new password to be inherited at the component level, unless the override is deleted at the component level. For more information, see Siebel System Administration Guide.

For information about changing the local DBA password on Mobile Web Clients, see Siebel Remote and Replication Manager Administration Guide. For information about configuring and using hashed user passwords and database credentials passwords through your security adapter, see About Password Hashing.