Action 1 - change the WebSphere Application Server user ID password
About this task
Use the changeSecurityProperties utility to change the WebSphere Application Server user ID password.
The procedure requires you to create a text file
of the current security properties, edit the file, stop the application
server, run the utility and restart the application server.
Note: You
might have already created the text file while determining your role
(see Determining the role of the user whose password has changed).
Find
information about how to do this as follows:
- Application server - using the utilities that change the properties gives a generic description of the procedure for making any change to the WebSphere Application Server properties
- Changing the security settings gives reference information about the utility
- When editing the text file of the current security properties, locate either LocalOSServerpassword or LDAPPassword, depending on the type of authentication you are using (see Determining the role of the user whose password has changed), and change the password to the new value, in plain text.
Note:
- If the user is both the WebSphere Application Server user and the database user, you can change the properties for both in the same action. See Action 5 - change the j2c user ID password. for details of the property to change.
- The changeSecurityProperties utility might display a message from the application server (WASX7357I:). You can ignore this message.
- When you supply a password in a text file for changeSecurityProperties,
there is a small security exposure. When you enter a password in the
file, the password is entered in clear (unencrypted). After you have
run changeSecurityProperties, the password remains in clear
in the text file you have edited, but if you run showSecurityProperties the
password is output encrypted. Thus, your potential security exposure
is limited to the time from when you entered the password in the text
file until when you manually deleted the text file after using changeSecurityProperties.
Attention: if you subsequently want to change other parameters and do not want to change any passwords, you must do one of the following before running changeSecurityProperties:
- Resupply the passwords in clear
- Comment the password properties
- Delete the password properties