WebSphere Portal, Express Beta Version 6.1
Operating systems: i5/OS, Linux,Windows

 

Changing passwords

IBM® WebSphere® Portal Express and IBM WebSphere Application Server use some user accounts from the registry (for example, the LDAP server) for various purposes. This information includes the "Security Server ID" for the WebSphere Application Server JVM, access ID for authenticated access to databases and LDAP servers, and WebSphere Application Server and WebSphere Portal Express administrative ID's. Often this means that the account passwords are stored in the WebSphere Application Server and WebSphere Portal Express bootstraps configuration files, which allows the authentication process to work.

If the password for any ID is changed (either through WebSphere Portal Express or through any other means, including directly through the LDAP administration interfaces), then the password value stored in the appropriate configuration file must be changed at the same time. The following instructions describe how to make the appropriate changes based on which account passwords might have changed.

Remember: If you reuse the same account ID/password for multiple purposes, such as using wpsbind as the administrative ID and the LDAP access ID, then you might have to do more than one of the following steps to accommodate the password change. Some changes, particularly changes made through the WebSphere Application Server Administrative Console, require that the WebSphere Application Server Administrative Console be open and the current ID/password logged in before actually making the password change in the registry. Carefully plan which steps are required and in what order to avoid not being able to bring up server processes or log in. Use the following topics to change passwords to better secure your environment.

 

Changing the WebSphere Portal Express administrator password

WebSphere Portal Express treats wpsadmin (the administrator) as any other user, just with more permissions granted. With a normal configuration, it is possible to change the wpsadmin or equivalent password through the user interface (UI), just like any other user can manage their own password through the UI. However, if the wpsadmin account is also used for more than just the administrator, then additional changes, outlined in other steps in this section, must be made to accommodate the change.

Follow these steps to change the administrator password:

  1. Log in to WebSphere Portal Express as the administrator.

  2. Click Edit My Profile.

  3. Change your password in the appropriate box.

  4. Click Continue.
Note: You can also change the Administrator password, like any other user password, using an LDAP editor.

After successfully changing your password, you will need to make additional changes to the RunAsRole passwords; see WebSphere Portal requires additional changes to the RunAsRole passwords for the EJBs to support password change for WPSAdmin and WASAdmin users for information.

 

Changing the WebSphere Application Server administrator password

You can change the password for the IBM WebSphere Application Server administrator user ID using the WebSphere Application Server Administrative Console. For complete information about WebSphere Application Server security, including changing passwords for administrative accounts, see the WebSphere Application Server documentation.

After successfully changing your password, you will need to make additional changes to the RunAsRole passwords; see WebSphere Portal requires additional changes to the RunAsRole passwords for the EJBs to support password change for WPSAdmin and WASAdmin users for information.

 

Changing the WebSphere Application Server administrator password using WebSphere Portal Express

Follow these steps to change the WebSphere Application Server administrator password using WebSphere Portal Express:

  1. Confirm that the WebSphere Application Server Administrative Server and Administrative Console are running.

  2. Log in to the WebSphere Application Server Administrative Console as the administrator.

  3. Log in to WebSphere Portal Express as the WebSphere Application Server administrator and select Edit Profile.

  4. Type a new password and click OK.

  5. In the WebSphere Application Server Administrative Console do one of the following, depending on the type of security installation:

  6. Change Server User Password to the new value and save the changes.

  7. Stop and restart the WebSphere_Portal and server1 servers.
Note: The configuration tasks that enable security automatically set the Security Cache Timeout to a value specified in the wkplc.properties file. Old passwords are stored in cache for this amount of time. The default value is 600 seconds.

After successfully changing your password, you will need to make additional changes to the RunAsRole passwords; see WebSphere Portal requires additional changes to the RunAsRole passwords for the EJBs to support password change for WPSAdmin and WASAdmin users for information.

 

Changing the WebSphere Application Server administrator password in the LDAP server using the LDAP administration interface

 

Changing the database administrator password

If you change the password for the database administrative user, update the password information in the WebSphere Application Server administrative console. See the WebSphere Application Server documentation for details about modifying database passwords.

 

Replacing the WebSphere Application Server administrator user ID

Follow these steps to replace the WebSphere Application Server administrator user ID:

  1. Create a new user to replace the current WebSphere Application Server user through the Manage Users and Groups portlet.

  2. In the WebSphere Application Server Administrative Console do one of the following depending on the type of security installation:

  3. Replace the Security Server ID and Security Server Password with the new user account information from step 1. For the ID, retain the fully qualified server ID.

  4. Restart WebSphere Application Server.
Note: If you use an external security manager such as Tivoli Access Manager, manually remove the old administrator user ID from the external security manager.

 

Changing the LDAP bind password

If you are using an LDAP server as your user registry, adapt the LDAP bind user ID using the WebSphere Application Server Administrative Console. For complete information about the WebSphere Application Server security, including changing passwords for administrative accounts, see the WebSphere Application Server documentation.

Follow these steps to change the LDAP bind password:

  1. Confirm that the WebSphere Application Server Administrative Server and Administrative Console are running.

  2. From the WebSphere Application Server Administrative Console, click Security > Global Security > User registries > LDAP.

  3. Change the Bind Password to the new value and save the change.

  4. Restart WebSphere Application Server.
Parent topic: Other Configuring information - title & description will change
Library | Support | Terms of use |