Friday, October 12, 2012

EM12c: How to change the password for Weblogic Admin server and Nodemanager when existing password is known and register it with emctl commands?

[Caution: If you have already configured BI Publisher, make sure to change this password with BIP as well, else it can break BIP reports.]

One can change admin server and nodemanager password from weblogic console but to ensure that emctl acknowledges this password, there are additional steps.

1. Goto admin server console of EM_GC(GCDomain) domain
https://<hostname.doaminname>:<port>/console

2. Login to Admin server console as user weblogic and its password

3. Go to Security Realms->myrealm->Users and Groups->weblogic->Passwords

4. Provide the new password and save it

5. To change the nodemanager password, follow given steps:

In case of multiple OMS Setup, steps a and b need to be executed only on the OMS server where Admin server is running.

    a.Go to GCDomain->Security(In the right section) ->Advanced

    b.Enter the new password in the "NodeManager Password" and "Confirm NodeManager Password" fields

6.Click on 'Activate Changes' in the left section

7.Stop the OMS
$<OMS_HOME>/bin/emctl stop oms -all

Stop the Agent on OMS Host
$<AGENT_HOME>/bin/emctl stop agent

8. Modify the boot.properties file of the Admin Server
($DOMAIN_HOME/servers/EMGC_ADMINSERVER/security/boot.properties):
In the above file you will see encrypted values for username and password properties. Change the password value to the new password set(clear text).
After modifying the file, it should look like:
==============================================
username={AES}pyu0QhTe6+Xpk+OjEw7vy55OudlxwDXrftY7Pbm95qA=
password=<new_passwd_in_cleartext>
==============================================

9. Modify the boot.properties file of the Managed Server
($DOMAIN_HOME/servers/EMGC_OMS1/data/nodemanager/boot.properties):
(In case of multiple OMS Setup this step need to be performed on each OMS server)
In the above file you will see encrypted values for username and password properties. Change the password value to the new password set(clear text).
After modifying the file, it should look like:
================================================
TrustKeyStore=DemoTrust
username={AES}pyu0QhTe6+Xpk+OjEw7vy55OudlxwDXrftY7Pbm95qA=
password=<new_password_in_clear_text>
================================================

10.Edit the nm_password.properties file under
<gc_inst>/user_projects/domains/GCDomain/config/nodemanager/nm_password.properties
(In case of multiple OMS Setup, this step need to be performed on each OMS server)

Change
================================================
hashed=Qg8bEYV0uA7xJiPclZO0YY1e5rk\=
================================================
to
================================================
password=<new_nodemanager_password>
username=nodemanager
================================================

11.Run following command to save the new passwords to EM Credential store
$<OMS_ORACLE_HOME>/bin/emctl secure create_admin_creds_wallet -admin_pwd <weblogic_pwd> -nodemgr_pwd <node_manager_pwd>


12.Start the OMS
$<OMS_ORACLE_HOME>/bin/emctl start oms

5 comments:

Truman S said...

Thanks for the information it is detailed and very helpful. I only have one question. How do you change the Admin Server password when you don't know the existing password?

Seth Miller said...
This comment has been removed by the author.
Seth Miller said...
This comment has been removed by the author.
Seth Miller said...
This comment has been removed by the author.
Seth Miller said...

Excellent post! I couldn't figure out where the EMGC_OMS1 boot.properties file was until I saw your post. Thanks for taking the time to put this together.