If you are unable to create a new account, please email support@bspsoftware.com

 

News:

MetaManager - Administrative Tools for IBM Cognos
Pricing starting at $2,100
Download Now    Learn More

Main Menu

Changing Admin Account Password

Started by ghostraider, 21 Apr 2008 11:41:26 AM

Previous topic - Next topic

ghostraider

Hi All,

We have an AD admin account for our Cognos Servers and because of some security rules we are being asked to change the password for this account. Now, we have Auditing implemented and while implementing we have given this account's name and password in the DSServlet.java file. SO if i change my password will Auditing work if i go ahead and change the password and rebuild the DSServlet.class file again. Or is there some kind of complexity in this? Please let me know.

Thanks!!

CognosPolzovatel

Perhaps I am missing something, but why did you include your password in DSServlet.java? I did not do so and any time I change the admin password, I do not have to go out to any file to update the password. It doesn't make sense to hard-code a password within a file?

ghostraider

I included the admin id and password as per the instructions in the Auditing Proven Practice document. Below is the text from that document.

''5 â€" Edit the DSServlet.java file depending on your authentication settings:
• If you are allowing anonymous logon, leave line 45 (which starts
binding.logon ... ) commented out.
• If you are not allowing anonymous logon, make sure that the
username, password, namespace and endpoint variables are
correct and uncomment line 45 (which starts binding.logon ... )"

For the username and password i gave my admin id and password. Please let me know if i made a mistake here. Appreciate your response. Thanks!!

ducthcogtechie

Your AD bind account does not have to be an AD administrator. If i'm not mistaking you could use a regular AD user account for this. (preferably a service user that does not have a password change policy enforced.

If you have a simple AD connected in Cognos configuration; are you sure your AD is protected against anonymous ldap querying, as if it is not, you could remove the bind user all together.

Either case, i think you are correct in the fact that a recompile is needed. 

fishbone99

Could somebody confirm if we should change DSServlet.java password and recompile every time the password expires?