Reset password patch
Running the resetPassword.sh script resets passwords for all the users, produces changes in an XML file, and if configured, sends an email to each user with the login instructions.
Fix Pack 2This is an obsolete feature. Starting from the IBM® Product Master Fix Pack 3 onwards, see Installing password security update.
Before you begin
Complete the following steps:- Take the backup of the database, or at least the table TSEC_SCU_USER (alias SCU).
- Run the following commands.
cd $TOP/bin/migration unzip resetPassword.zip cd $TOP/bin/migration/resetPassword - Using the following command, provide execute permission to the
resetPassword.sh file.
chmod 755 resetPassword.sh - Before you run the resetPassword.sh file, ensure that you set the
$JAVA_RT environment variable. To set the variable, run the
compat.sh file by using the following
command.
$TOP/bin/compat.sh - If the ResetPasswords.class file does not exist, the javac command is used to create the ResetPasswords.class file. You must ensure that the environment variable $JAVA_HOME contains a copy of $JAVA_HOME/bin/javac whose version is compatible with the installed version of IBM Product Master.
- In the Persona-based UI, when you create a user, do not use
colon
:
in the username.
About this task
The resetPassword.sh script resets passwords for all the users (except the password for the user that runs the script), produces changes in an XML file, and if configured, sends an email to each user with the login instructions.
This patch contains following files:- secpatch.html
- resetPassword.zip that contains following files:
- resetPassword.sh
- ResetPasswords.java
- MailContent.xml The MailContent.xml file contains a Subject line for the emails and the informational content of the email, and is so arranged that the new password can be automatically inserted into the email text.
If you need to convert the email text to the local language of your users:- Convert email text only.
- Do not convert the complete MailContent.xml file.
- Retain MailContent.xml file name.
Note: The reset password utility changes the password of all the users in a
company.
Procedure
- Enter the following command:
cd $TOP/bin/migration - Run the resetPassword.sh script with the following parameters.
./resetPassword.sh [option] Admin adminpw company output-fileWhere,- [option]
- If you do not specify any value, the resetPassword.sh script generates the output-file, changes passwords, and sends email to each user.
- [option]=dry-run or -d
- Generates the output-file only (does not change password or send any email).
- [option]=no-email or -n
- Generates the output-file and changes password only (does not send any email).
- Admin
- The username of the administrator.
- adminpw
- The password of the administrator. Note: The resetPassword.sh script does not change administrator password.
- company
- The company code.
- output-file
- The full path name of the output file with an XML extension.
- Check the generated file. The generated file contains all the usernames for the specified
company (except administrator), corresponding new passwords, and email addresses.
- If you have used -n option, you need to send each user an email with the instructions mentioned in the What to do next section.
- For other users, share the information by appropriate method. You can also use output-file to write your own script to transmit the information.
- Log in to the Product Master and change your password to any string you want (referred here as newpw), if the password contains only characters whose decimal value is less than 256.
- Apply the patch and restart Product Master.
- Log in to Product Master by using following credentials
and then change your password to any string you want (including adminpw):
- User name - Admin
- Password- newpw
- Delete following files in the $TOP/bin/migration directory:
- resetPassword.sh
- ResetPasswords.java
- ResetPasswords.class
- MailContent.xml
- Optional:To configure automatic mails, set the following two properties in the
common.properties
file:smtp_addressfrom_address