Topic
IC4NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
3 replies Latest Post - ‏2012-08-30T13:24:35Z by umberto.caselli
Stush
Stush
19 Posts
ACCEPTED ANSWER

Pinned topic Password Maintenance in V8.6 fp1

‏2012-08-30T02:48:23Z |
Hi! New in V8.6 the users guide states that on job types with advanced options, regardless of the operating system of the dynamic agent that will run the job, you can provide the username of a user definition in the credentials section of the job and have the password field resolved at runtime with the password value stored in the database.

Is it best practice that the credentials for the advanced jobtypes avoid password policy changes, or is does TWS provide a supported mechanism for maintaining the userid's and passwords in the TWS database to easily manage periodic password refreshes?

Would it be recommended not to integrate the job credentials with LDAP, meaning that the job credentials (userid and password) be separate from the user credentials that may actually submit these jobs.

Thank you for the assistance.
Updated on 2012-08-30T13:24:35Z at 2012-08-30T13:24:35Z by umberto.caselli
  • umberto.caselli
    umberto.caselli
    9 Posts
    ACCEPTED ANSWER

    Re: Password Maintenance in V8.6 fp1

    ‏2012-08-30T07:32:49Z  in response to Stush
    Hello,
    let's add some background around users and passwords in job with advanced options.
    The user and password can be related to the user that runs the job (like for binaries and scripts) or to the system being accessed by the job (a remote web service, a remote RDBMS ...).
    These passwords can be stored in the following ways:
    1. In the job. In case of a password change you have to edit all the jobs.
    2. In the user repository on the master (the same used for "Windows users of the FTAs). This is the option you were referring. In this case you can change the password in the repository and have it effective at the next plan creation or use the "conman altpass" command and have the change immediately effective.
    3. In the user repository on the agent. In this case the local administrator of the machine can keep the passwords up to date.
    Let me know if you need more details.
    Thanks, Umberto
  • Stush
    Stush
    19 Posts
    ACCEPTED ANSWER

    Re: Password Maintenance in V8.6 fp1

    ‏2012-08-30T12:53:20Z  in response to Stush
    I would like to clarify the enhancement in TWS 8.6 FP1. It reads that the pwd is now stored in the database, whbich I would hope would cover all platforms. Did I understand this correctly? I am also interested if there is a utility to change these pwds (like chg_pwd.sh). Changing job definitions is not a good option. Thanks you
  • umberto.caselli
    umberto.caselli
    9 Posts
    ACCEPTED ANSWER

    Re: Password Maintenance in V8.6 fp1

    ‏2012-08-30T13:24:35Z  in response to Stush
    Hello,
    you can change the password with the composer command line.
    Let me show you with an example.
    The command "composer mod user=UCASELL2#MYUSER" will show something like:

    USERNAME UCASELL2#MYUSER
    PASSWORD "**********"
    END

    I can then edit the password, save the file and the password will be updated.