Understanding the ReconfigureDB.exe Program
The installation of the Deployment Server delivers a utility called
ReconfigureDB.exe. This program can be used by a database superuser who for
Oracle is the user for the SYSTEM and SYS accounts, while for SQL Server Express
(SSE) it is the user of the SA account. Only users of these accounts can encrypt and
decrypt the password for the local database on the Deployment Server. Throughout this
text, the term local database refers to the database that is installed directly on the
Deployment Server. Depending on the release of EnterpriseOne, the supported database could be
Oracle or SQL Server Express as specified in the Certifications for JD Edwards EnterpriseOne
(refer to Accessing
Certifications of this guide).
The local database password must be encrypted for JD Edwards EnterpriseOne to run on the Deployment Server. In order to provide security and uniqueness, JD Edwards EnterpriseOne generates this password using a combination of the serial number of the local C drive and a proprietary encryption algorithm. Therefore it is assured that this password will not be the same on different computers.
ReconfigureDB.exe program, the old method is referred to as using
Legacy encryption; whereas, the new method uses Enhanced
encryption.Important: Enhanced encryption is applicable only to an Oracle
local database when using Tools Release 9.2.0.0 and greater. Legacy encryption is used with
an Oracle local database when using Tools Releases prior to 9.2.0.0 or with SQL Server
Express (using any supported Tools Release).Important: Prior to running JD
Edwards EnterpriseOne on the Deployment Server, you must ensure that the password of the
superuser of the local database is set to the relevant encryption using
ReconfigureDB.exe. This is done by selecting a program option appropriate
for your database and Tools Release:ReconfigureDB.exe. The program allows these password options:Prior to Tools Release 9.2.0.0, the comparable program was called
ReconfigureMSDE.exe and provided only the options for plain text and
(Legacy) Encryption.The ReconfigureDB.exe program runs in either interactive or silent mode. If
no command-line options are given, the program launches a Graphical User Interface (GUI). If
any command-line options are specified, the ReconfigureDB.exe program runs
silently. In both cases, output from the program is written to this log:
C:\ReconfigureDB.log
You can determine the functionality and command syntax of the ReconfigureDB.exe
program by executing the program with either the /? or
-H options. For example:
ReconfigureDB.exe /?
or
ReconfigureDB.exe -H
When you execute the command with these options the output is not directed to the console; instead the output is written to this file:
c:\ReconfigureDB.log
The contents of the ReconfigureDB.log file are shown below:
ReconfigureDB.exe
1) Changes the password for the database "superusers" for the LOCAL
EnterpriseOne database.
2) Can change to or from an encrypted password which is needed for E1 to run.
This password is generated based on the C drive's serial number and then
encrypted based on E1 proprietary algorithms; hence, this password will not
be the same on different computers.
3) Can also change to or from user-specified passwords.
4) The program works on the following local databases--and ONLY these
databases:
- E1Local
Type: Oracle Enterprise Edition (OEE)
Users: SYSTEM and SYS
- JDESSELocal
Type: Microsoft SQL Server 2005 Express Edition (SSE)
User: SA
IMPORTANT NOTE: With EnterpriseOne Tools Release 9.2.0.0 and later, the
method of creating the password changed to produce a more
complex and secure password.
In this program, the old method is referred to as using
"Legacy" encryption; whereas, the new method uses
"Enhanced" encryption.
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! IMPORTANT !!! IMPORTANT !!! IMPORTANT !!! IMPORTANT !!! IMPORTANT !!!
!!! The superuser password must be set to the E1 encrypted password !!!
!!! for E1 to work. Select "Enhanced" for Tools Release 9.2.0.0 !!!
!!! and later. Select "Legacy" for older Tools Releases. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
SYNTAX
ReconfigureDB [-options] [Old_Password|-E|-L] [New_Password|-E|-L]
LOG FILE
- The log file is C:\ReconfigureDB.log
OPTIONS
- May be preceded by either a slash (/) or hyphen (-).
- May be either upper- or lowercase.
- Include one space before the slash or hyphen.
- The order of the options is important. The old password (or option -E or -L)
must come before the new password (or option -E or -L).
- If an old password (or option -E or -L) is given, a new password (or
option -E or -L) must be given.
- If no options are provided, a GUI will prompt for the type of database and
the passwords.
? or -H - Writes this help to the log file.
- Optional.
-T[ORACLE|SSE] - The database server instance type.
- Optional. If not specified, the default value is
ORACLE.
Old_Password|-E|-L - May be one of the following:
1) Old password
2) -E = Indicates that old password was created using
the ENHANCED (i.e., more complex) generation
algorithm.
3) -L = Indicates that old password was created using
the LEGACY (i.e., less complex) generation
algorithm.
New_Password|-E|-L - May be one of the following:
1) New password
2) -E = Indicates that new password should be created
using the ENHANCED (i.e., more complex)
generation algorithm.
3) -L = Indicates that new password should be created
using the LEGACY (i.e., less complex)
generation algorithm.
EXAMPLE
In this example, the password for the JDESSELocal database SA user will be
changed from "MyOldPassword" to a generated password that is then encrypted
with the new enhanced method:
ReconfigureDB -TSSE MyOldPassword -E