You can configure IBM® Guardium® Key Lifecycle Manager or modify
the existing configuration for file-based user authentication. File-based authentication is
configured by default when you install the product.
- Using the graphical user interface
- Log in to the graphical user interface.
- On the home page, click the menu icon (
) at the upper left of the page.
- Click .
The current user authentication properties are
displayed.
- To configure or modify the existing user authentication settings, click the edit icon
(
) next to File
authentication.
- In the File tab, make sure that the Enable
file-based authentication option is selected and specify the following parameter
values.
- Click Save.
- On the confirmation window, click OK.
- Using REST interface
- After an inline migration to IBM Guardium Key Lifecycle Manager5.1 from any earlier version of IBM Guardium Key Lifecycle Manager and subsequent enabling of FIPS 140-3,
file-based users are not able to log in. To resolve this issue, you can run a utility to rehash the
password of the file-based users.Using utility to rehash the passwords of the users in the
server.xml file in IBM Guardium Key Lifecycle Manager
5.1.
- Go to either of the utility script's file path:
- Linux
- /opt/IBM/GKLMV51/migration/updatePassword.sh
- Windows
- C:\\Program Files\\IBM\\GKLMV51\\migration\\updatePassword.bat
- Open the bash, power shell, or cmd shell.
- Run either of the following commands and provide the values of
USER_ID and
USER_PASSWORD mandatory. Providing the value of WAS_HOME is mandatory.
- Linux
-
./updatePassword.sh <USER_ID> <USER_PASSWORD> [WAS_HOME]
- Windows
-
updatePassword.bat <USER_ID> <USER_PASSWORD> [WAS_HOME]
- Restart the IBM Guardium Key Lifecycle Manager server.