IBM Support

How to manage the user "tdsadmin" in Rational Directory Server

Question & Answer


How do you manage the user "tdsadmin" in IBM Rational Directory Server (RDS)?


The user tdsadmin has a very special status in Rational Directory Server (RDS) and the credentials must be managed correctly.


  1. Scope of this Technote: About Rational Directory Server (RDS) installation modes
  2. tdsadmin can refer to several unrelated user accounts
  3. Account tdsadmin is mandatory to manage RDS
  4. Account tdsadmin is not mandatory to manage your Corporate LDAP (RDS Tivoli or Apache in Corporate mode)
  5. About the tdsadmin OS profile
  6. tdsadmin password lifecycle
  7. Instructions to change the tdsadmin password in RDS
  8. Instructions to reset the tdsadmin password in RDS Tivoli
  9. Resetting the tdsadmin password in your IBM Rational Change installation

1. Scope of this Technote: About RDS installation modes

table 1: RDS versions and installation modes
Depending on what version and what installation mode you chose, you need to manage the credentials of usertdsadmin the appropriate way. This Technote covers all modes (Apache/Tivoli, Standalone/Corporate/OS).

2. The tdsadmin can refer to several unrelated user accounts

The tables below show how to avoid confusion regarding accountstdsadmin.

table 2: rules for every installation mode

table 3: tdsadmin passwords

Finally, please note that tdsadmin also refers to the name of the db2 instance used by RDS (which makes it a 3rd tdsadmin for you to be aware of!). However, this is strictly internal to db2. If you're not familiar with db2, simply ignore this tdsadmin.

3. Account tdsadmin is mandatory to manage RDS

It must to be present in every RDS installation mode, as seen in table 2. You cannot use the RDA web-based interface without it.

Technote: Using a non tdsadmin account for Rational Directory Administration states that "tdsadmin is the only appropriate user to use IBM Rational Directory Administration (RDA) for the administration of IBM Rational Directory Server (RDS)".


4. Account tdsadmin is not mandatory to manage your Corporate LDAP (RDS Tivoli or Apache in Corporate mode)

tdsadmin is meant only to manage RDS and is not required in your Corporate LDAP, as seen in table 2.


5. About the tdsadmin OS profile

Table 2 shows that :

5.1. A tdsadmin OS user is mandatory in every RDS Tivoli installation mode.

This is required to connect to the underlying db2 database. See section 9 to know how to change it.

5.2. A tdsadmin OS user is not required in any of the RDS Apache installation modes (even in OS authentication mode!).

Every other user's information will be retrieved from the OS, but the information for user tdsadmin is stored only in RDS. If you have created a tdsadmin user in the OS, it will have no impact on RDS and their passwords won't be synchronized.

6. tdsadmin password lifecycle
The 'tdsadmin' password never expires in RDS".

This applies to all installation modes.

If you have RDS Tivoli, then, as stated in section 5.1, you also have atdsadmin user in your OS. It has been created automatically by the RDS installation. Its password's expiration policy is set by your OS settings.

7. Instructions to change the tdsadmin password in RDS

These instructions apply to every RDS version and every installation mode.When you know the current tdsadmin password follow the steps below, otherwise refer to the section 8 "Instructions to reset" of this Technote.


1. Login to the RDA web-based interface as user tdsadmin.

(consult the RDS manual to know how to start RDA)

2. Change the password for user tdsadmin.

8. Instructions to reset the tdsadmin password in RDS Tivoli

Consult TechNote 1413301: "Change or reset tdsadmin password in RDS Tivoli" for instructions to reset the tdsadmin password in RDS Tivoli on Windows and Unix.

9. Resetting the tdsadmin password in your IBM Rational Change installation

Consult TechNote 1413301: "Change or reset tdsadmin password in RDS Tivoli" for instructions to reset the tdsadmin password in RDS Tivoli on Windows and Unix. During the installation of Rational Change, the Admin User enters the URL for Rational Change Admin in a web browser and is first prompted to configure the RDS installation details. Here, you enter the RDS URL, and the tdsadmin username and password. This is a one time operation and this information is written to the following file: <CHANGE_INSTALL_DIR>/jetty/webapps/change/WEB-INF/wsconfig/rds_config.xm

When the tdsadmin username or password is changed or the RDS URL is changed you need to do the following:
  1. Delete the file <CHANGE_INSTALL_DIR>/jetty/webapps/change/WEB-INF/wsconfig/rds_config.xm
  2. Restart Rational Change
  3. Login to Rational Change as the admin user
  4. You will be prompted to configure RDS once again
  5. Enter the new RDS URL, tdsadmin username and password

[{"Product":{"code":"SS4AKG","label":"Rational Directory Server"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Component":"General Information","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"5.1;;;5.1.1;;;5.2;;;5.2.1","Edition":"","Line of Business":{"code":"LOB15","label":"Integration"}}]

Document Information

Modified date:
16 May 2024

