Working with Database Security

In order to maximize your database security, you should change the passwords on all table owners created during the Platform Pack installation; these are created with the user and password equal to the same value. Such a user and password relationship could expose you to worms and viruses aimed at gaining access to your database. Consult with your DBA for advice on changing passwords to meet the security requirements of your database installation.

The Installation Workbench assumes that the table owner 's password is the same as the table owner, unless it finds this override in the jde.ini file on the Deployment Server. Once the database passwords have been changed, you will need to add this section to the jde.ini file:

[DSPWD]
Datasource_owner=new_password

Note: Microsoft Windows 2012. For a Deployment Server running on a Microsoft Windows 2012, navigate to NOTEPAD.EXE in c:\WINDOWS directory. Right click on the executable and select "Run as Administrator". Then click on File and open this file for editing:c:\WINDOWS\JDE.INI

For example, if you changed the passwords for PRODDTA and PRODCTL to alaska5 and nevada6 your section would look like this:

[DSPWD]
PRODDTA=alaska5
PRODCTL=nevada6

The Installation Workbench assumes that the database user is JDE and that the password is the same, unless it finds this override in the jde.ini file on the Deployment Server. As a security precaution, you should also change the password on the JDE user and add an override in the [DSPWD] section of the jde.ini file. Once the database passwords have been changed, you will need to add this section to the jde.ini file:

[DSPWD]
JDE=new_password

For example, if you are changing the JDE user's password to apples, your section would look like this:

[DSPWD]
JDE=apples

Note: You must also logon to JDEPLAN using the changed password, otherwise database connections will fail. Using the above example of a changed password, you would logon using these credentials:User = JDEPassword = applesEnvironment = JDEPLAN

Caution: The Installation Workbench can only process passwords equal to or less than 10 characters in length. Therefore, you cannot use passwords greater than 10 characters even if your RDBMS allows it.

For Simplified Upgrade only, you will also need to uncomment this existing entry:

[DSPWD]
;DV920=DV920

Note: The code assumes that if there is no override in jde.ini file the password is the same as the user. That is, for example in the above uncommented line it will try and connect to DV920 with the password DV920.

Also for Simplified Upgrade only, after the above line is uncommented you will need to specify the password value for each environment that is included in your Simplified Upgrade. This entry is required to specify the password of the previous owner of Central Objects. For example:

[DSPWD]
DV920=Admin123
DV910=Admin123
DV900=Admin123

After you change the [DSPWD] section of the jde.ini file, logon to OneWorld in the JDEPLAN environment on the Deployment Server with the new password in the correct case.

Whenever you change the password on your database, as recommended for security purposes, you must also ensure that your security settings in the Enterprise Server jde.ini file match that of your database. For applicable instructions, refer to the chapter entitled: Performing Post Installation and Upgrade Tasks in the section entitled: Working With Signon Security and Table Creation Security.

You should secure the jde.ini file on the Deployment Server to prevent unauthorized access. You can use Site Key to encrypt sensitive data in the .ini files on your Enterprise Server. For details, refer to the section of this guide entitled: Generate a Site Key.

Caution: As a best security practice, you should delete the [DSPWD] section once the install or upgrade is complete.

Note: If you are performing a Traditional Upgrade from JD Edwards EnterpriseOne Releases 8.10 or 8.11, you should consider disabling the legacy user, which is PSFT.