Changing the IBM WebSphere Application Server administrator password in a clustered installation

You can change the WebSphere® Application Server administrator password after installation. Follow this procedure if WebSphere Application Server clustering is implemented for your installation.

Procedure

  1. Make sure that all node agents are running. See Checking the status of IBM WebSphere Application Server node agents.
  2. Change the user password:
    • If your system uses the internal user registry, change the password by using the IBM® InfoSphere® Information Server Web console. See Changing passwords by using the IBM InfoSphere Information Server Web console.
    • If your system uses a Lightweight Directory Access Protocol (LDAP) or an operating system user registry, change the password by using those external utilities. If a stand-alone LDAP registry is used and the Server identity that is stored in the repository option is selected, then after the password is changed in the LDAP registry, you must also update the password in the Users and Groups > Manage users page of the WebSphere Application Server administrative console. See Standalone LDAP registry settings in the WebSphere Application Server documentation for more information.
    • If your cluster uses the federated user registry with the built-in WebSphere Application Server file based registry, then change the password in the Users and Groups > Manage users page of the WebSphere Application Server administrative console.
  3. Log in to the computer that hosts the WebSphere Application Server Deployment Manager.
    • Linux cue graphicUNIX cue graphicLog in as root.
    • Windows cue graphicUse an account with administrator privileges.
  4. Make sure that all node agents are still running after the password change. See Checking the status of IBM WebSphere Application Server node agents.
  5. If one of the node agents was not running when you changed the password in step 2, the user cannot start that node agent because the passwords no longer match at the Deployment manager and node level. To fix this problem, run the WebSphere Application Server syncNode command to synchronize the node with the Deployment manager. To run the syncNode command:
    1. Log into the node.
    2. Run the syncNode command.
      • Linux cue graphicUNIX cue graphic
        opt/IBM/WebSphere/AppServer/profiles/custom_profile/bin/syncNode.sh 
           dmgr_hostname dmgr_port -user was_admin_username -password 
           was_admin_password
      • Windows cue graphic
        C:\IBM\WebSphere\AppServer\profiles\custom_profile\bin\syncNode 
           dmgr_hostname dmgr_port -user was_admin_username -password 
           was_admin_password
      In the command:
      • dmgr_hostname is the host name of the computer where the Deployment Manager is running.
      • dmgr_port is the port number of the Deployment Manager (default is 8879).
      • was_admin_username is the user name of the WebSphere Application Server administrator.
      • was_admin_password is the administrator password.
    3. Restart the node agent.
  6. When restarting WebSphere Application Server, regardless of the method that you use, the startup method returns before the application server is fully started. To verify that WebSphere Application Server has started, monitor the log files.
  7. Update the new Administrator password for usage with the Metadata server:
    1. On the Services tier, change directory to {IS_INSTALL_LOCATION}/ASBServer/bin
    2. Encrypt the new WebSphere Application Server Administrator password.
      • Linux cue graphic
        ./encrypt.sh <new WAS Administrator password>
      • Windows cue graphic
        ./encrypt.bat <new WAS Administrator password>
    3. Change directory to {IS_INSTALL_LOCATION}/ASBServer/conf
    4. Specify the encrypted password as the value for WAS_ADMIN_PW in the MetadataServer.info file.