Updating Db2 password in IBM Security Key Lifecycle Manager Multi-Master cluster

When a password expiration restriction is in effect, you must change the password before the expiration period expires.

Before you begin

Ensure that you know the existing password that you want to change.

About this task

You must be the database instance owner on AIX or Linux systems, or the Local Administrator on Windows systems. The login password for the DB2® Administrator user ID and the Db2 data source password that is used by WebSphere® Application Server must be the same. When you change one, you must change the other.

You must ensure that the Db2 user name and password must be same on all the masters of IBM Security Key Lifecycle Manager Multi-Master cluster.

Procedure

  1. Stop Db2 HADR on IBM Security Key Lifecycle Manager primary master server with primary database.
    Windows
    1. Click Start > IBM DB2 DBSKLMV301 (Default) > DB2 Command Window - Administrator.
    2. Type the following command and press Enter.
      db2 stop hadr on database sklmdb31
    Linux
    1. In a terminal window, type the following command to change the DB2 instance owner.
      su - sklmdb31
    2. Run the following command.
      db2 stop hadr on database sklmdb31
  2. Deactivate standby database on IBM Security Key Lifecycle Manager standby master by running the following command. 
    db2 deactivate db sklmdb31
  3. Stop Db2 HADR on IBM Security Key Lifecycle Manager standby master with standby database by running the following command. 
    db2 stop hadr on database sklmdb31
  4. Stop WebSphere® Application Server on all master servers of the Multi-Master cluster.
    To do so, complete these steps:
    1. Go to the <WAS_HOME>\bin directory.
      Windows
      C:\Program Files\IBM\WebSphere\AppServer\bin
      Linux
      /opt/IBM/WebSphere/AppServer/bin
    2. Run the script:
      Windows
      stopServer.bat server1
      Linux
      ./stopServer.sh server1
  5. Stop agent service on all IBM Security Key Lifecycle Manager master servers. For detailed instructions, see Restarting the IBM Security Key Lifecycle Manager agent service.
  6. Start WebSphere Application Server on all the master servers.
    To do so, complete these steps:
    1. Go to the <WAS_HOME>\bin directory.
      Windows
      C:\Program Files\IBM\WebSphere\AppServer\bin
      Linux
      /opt/IBM/WebSphere/AppServer/bin
    2. Run the script:
      Windows
      startServer.bat server1
      Linux
      ./startServer.sh server1
  7. Change the Db2 password at the operating system level and update the same password in the data source on all IBM Security Key Lifecycle Manager master servers.
    Complete the steps given in the following topics for the steps:
    Windows

    Updating Db2 password on Windows systems

    Linux

    Updating Db2 password on Linux or AIX systems

  8. Start Db2 HADR on all the standby master servers by using the following command. 
    db2 start hadr on database sklmdb31 as standby
  9. Start Db2 HADR on the primary master server by using the following command. 
    db2 start hadr on database sklmdb31 as primary
  10. Update Db2 password in multi-master table in Db2 by running Update DB2 Password On All Masters REST Service.
  11. Stop the agent process on all the master servers in the cluster.
    For instructions, see Stop Agent. If the agent process does not stop, forcibly stop the process from Windows Task Manager.
  12. Restart WebSphere Application Server on all IBM Security Key Lifecycle Manager servers in the cluster.
    For instructions, see Restarting the IBM Security Key Lifecycle Manager server