|Applies To||RSA Federated Identity Manager (FIM) 4.2 |
|Issue||There are 2 passwords that can be created reset in FIM. The user for the Database Connection and the admingui user(s). User passwords of FIM services that federate are not stored in FIM but with the WAM that is required such as RSA Access Manager. What are the utilities that set these 2 passwords in FIM?|
|Resolution||In the case of the database connection password.|
updateDBCredentials.cmd/sh utility will update the database username/password information.
Below is the description of the Utility:
This utility is used to update FIM_DB credentials to connect the DB.
In case of Derby database it prompts for only the DB Password where as incase of Postgres/ORAC it prompts for Username and Password.
Once the script is executed successfully it will update the fim.properties with the new username and encrypted password.
NOTE: Please take the database backup (backupConfig.cmd/sh) before executing this script if the customer want to restore it to the new database.
Please refer I&C Guide Changing Database Providers section from step 2 to step 4 for more details of executing the script.
If it’s related to FIMConfig GUI credentials on Tomcat stored in md5/sha then please refer SAML-4481 for updating the fim-users.xml file with the new password.
The fimUserInfo.sh/cmd is the utility for changing that password located in the FIM directory after the insatll of FIM 4.2.1
NOTE : Don't include spaces in the password as the script won't work for passwords containing spaces
The weblogic script for changing , adding administrators is called cliCreateUserGroupsForWLS
cliCreateUserGroupsForWLS.sh/cmd username password
It is also possible to add/manage FIM admins using the weblogic console as by default we use the security realms of weblogic for the admins.
Using the admin roles defined in the FIM Install & Config guide. See user "myfimadmin" which is a FIM super admin