2.5.2 Change operational user
Function
This service template changes password for OS users and JP1 users, and updates password management information registered in JP1/Base (Windows).
It is enabled in the following systems:
• Systems in which jobs are executed by an agent server in a job execution environment that uses JP1/AJS3.
• Systems in which automated actions are performed and commands are executed on an agent server in a monitoring environment that uses JP1/IM.
This service template assumes that the following servers are being used.
• JP1 authentication server
Servers running a JP1/Base authentication server. These manage JP1 user information.
• Agent server
Servers on which JP1/Base is installed, and that execute jobs and perform automated actions.
To update administrative users' information to the above systems, the following tasks are performed.
(1) Change the OS user password. (Agent server)
(2) Update the password management information registered in JP1/Base. (Agent server)
(3) Change the JP1 user password. (JP1 authentication server)
Note that when OS user is set, (1) and (2) are performed. When JP1 user is set, (3) is performed. If you set both OS user and JP1 user, (1), (2) and (3) are performed.
Prerequisites
For the latest support information about [Required product in the System]/[Prerequisite products in the system executing the service template]/[Prerequisite product OS running in the system executing the service template], see the release notes.
[Required product in the System]
Job Management Partner 1/Automatic Operation 10-50 or later
[Prerequisite products in the system executing the service template]
(1) The following version of JP1/Base is running on the JP1 authentication server and the agent server:
Job Management Partner 1/Base 08-00 or later.
[Prerequisite product OS running in the system executing the service template]
(1) Windows Server 2003, Standard Edition/Enterprise Edition (x86/x64) SP1 or later, Windows Server 2003 R2, Standard Edition/Enterprise Edition (x86/x64)
(2) Windows Server 2008 Standard/Enterprise (x86/x64), Windows Server 2008 R2 Standard/Enterprise/Datacenter
(3) Windows Server 2012 Standard/Datacenter, Windows Server 2012 R2 Standard/Datacenter
(4) Red Hat Enterprise Linux 5 Advanced Platform (x86), Red Hat Enterprise Linux 5 (x86), Red Hat Enterprise Linux 5 Advanced Platform (AMD/Intel 64), Red Hat Enterprise Linux 5 (AMD/Intel 64)
(5) Red Hat Enterprise Linux Server 6 (32-bit x86),Red Hat Enterprise Linux Server 6 (64-bit x86_64)
[Usage conditions of prerequisite products in the system executing the service template]
(1) The authentication server of the connection destination is set in JP1/Base on the agent server.
(2) To change the OS user password (or in the case of Windows, to update the password management information), specify the following properties:
common.targetHost
OS.osUserName
OS.osUserPassword
OS.osUserPasswordReEnter
OS.userType (Windows only)
(3) To change the JP1 user password, specify the following properties:
jp1base.certHost
jp1base.jp1UserName
jp1base.jp1UserPassword
jp1base.jp1UserPasswordNew
jp1base.jp1UserPasswordReEnter
(4) If JP1/Base on the agent server is in a cluster configuration, the service can only be executed in the active server environment. If the service was executed at least once on the active server and then a failover occurred, execute the service again by specifying the system environment settings and OS user information parameters, and leaving all the JP1 user information parameters blank.
Cautions
(1) To work with OS users of the domain environment, set property OS.userType to domain.
(2) If you are executing this service in a Linux environment, do not use multibyte characters in properties.
(3) If specifying multibyte characters and when the agent server OS is Windows, specify the following parameters to be the lengths indicated.
OS user name: 20 bytes
OS user password: 64 bytes
OS user password re-entry: 64 bytes
(4)In order to execute this service, the JP1/AO server (loopback address resolved by localhost) and the server that is the connection destination must be set as agentless connection destinations.
(5)When executing this service for a Linux environment, make sure that the OS user exists in advance.
Version
01.50.01
Category
JP1_Operations/Management
Property list
The following shows the list of the property groups set in the property:
|
Property group |
Description |
Initial display |
|---|---|---|
|
System environment information |
Specify the environment information of the agent server. |
Y |
|
OS user information |
Specify the information for the OS user whose password is to be changed. |
Y |
|
JP1 authentication server information |
Specify the JP1 authentication server information for the JP1 user to be added. |
Y |
|
JP1 user information |
Specify the JP1 user information for the password to be changed. |
Y |
The following shows the list of the properties to be displayed in the "Service Definition" dialog box:
- (Legend)
-
R: The property must be specified.
O: The property can be omitted. However, the property might be mandatory depending on what is specified for other properties. See the Description of each property.
|
Property key |
Property name |
Description |
I/O type |
Shared |
Required |
Property group |
|---|---|---|---|---|---|---|
|
jp1base.certHost |
Host name of the JP1 authentication server |
Specifies the host name of the JP1 authentication server. This must be specified if you want to change the OS user's password. In the case of a cluster configuration, specify the physical host or logical host of the active server. |
Input |
Disabled |
O |
JP1 authentication server information |
|
jp1base.certHostLHostName |
Logical host name of JP1 authentication server |
Specify the logical host name of the JP1 authentication server (when the JP1 authentication server is in a cluster configuration). |
Input |
Disabled |
O |
JP1 authentication server information |
The following shows the list of the properties to be displayed on the "Service Definition" dialog box and the "Submit Service" dialog box:
|
Property key |
Property name |
Description |
I/O type |
Shared |
Required |
Property group |
|---|---|---|---|---|---|---|
|
common.targetHost |
Agent server host name |
Specifies the host name or IP add. of the agent server. IPv6 are not supported. This must be specified if you want to change the OS user's password. In the case of a cluster configuration, specify the physical host or logical host of the active server. |
Input |
Disabled |
O |
System environment information |
|
jp1base.jp1BaseLHostName |
Logical host name of JP1/Base |
Specify the logical host name of JP1/Base on the agent server (if JP1/Base is used in a cluster configuration). |
Input |
Disabled |
O |
System environment information |
|
OS.osUserName |
OS user name |
Specifies the OS user name from the agent server. This must be specified if you want to change the password of the OS user. |
Input |
Disabled |
O |
OS user information |
|
OS.osUserPassword |
New password for OS user |
Specifies the new password for the OS user. |
Input |
Disabled |
O |
OS user information |
|
OS.osUserPasswordReEnter |
Re-enter new password for OS user |
Specifies again the new password for the OS user. |
Input |
Disabled |
O |
OS user information |
|
OS.userType |
OS user type |
Specify "local" or "domain" as the OS user type. This property only takes effect when the agent server is running Windows. |
Input |
Disabled |
O |
OS user information |
|
jp1base.jp1UserName |
JP1 user name |
Specifies the JP1 user name on the JP1 authentication server. This must be specified if you want to change the password for the JP1 user. |
Input |
Disabled |
O |
JP1 user information |
|
jp1base.jp1UserPassword |
JP1 user password |
Specify the password of the JP1 user. |
Input |
Disabled |
O |
JP1 user information |
|
jp1base.jp1UserPasswordNew |
New JP1 user password |
Specify a new password for a JP1 user. |
Input |
Disabled |
O |
JP1 user information |
|
jp1base.jp1UserPasswordReEnter |
Re-enter new password for JP1 user |
Specifies again the new password for the JP1 user. |
Input |
Disabled |
O |
JP1 user information |
The following shows the list of properties used as variables for work to inherit the value in the processing. This property is displayed only in the task log.
|
Property key |
Property name |
Description |
I/O type |
Shared |
|---|---|---|---|---|
|
common.userNameWork |
User name |
A work property used to store the user name. |
Variable |
Disabled |
|
common.osKind1 |
OS type 1 |
Work properties that contain the OS type of the agent server. |
Variable |
Disabled |
|
common.osKind2 |
OS type 2 |
A work property used to store the OS type of monitor server. |
Variable |
Disabled |
|
common.aoInstPath |
JP1/AO installation path |
Stores the path where JP1/AO is installed on the JP1/AO server. |
Variable |
Disabled |
|
common.tmpFileID |
Temporary file ID |
Stores the ID of the temporary file. |
Variable |
Disabled |
The following shows the restrictions on inputs to the properties displayed in the "Service Definition" dialog box:
|
Property key |
Characters that can be input |
|---|---|
|
jp1base.certHost |
A maximum of 255 characters can be entered. Characters that can be used include alphanumeric characters, as well as . and -. |
|
jp1base.certHostLHostName |
A maximum of 255 characters can be entered. Characters that can be used include alphanumeric characters, as well as . and -. |
The following shows the restrictions on inputs to the property displayed on the "Service Definition" dialog box and the "Submit Service" dialog box:
|
Property key |
Characters that can be input |
|---|---|
|
common.targetHost |
A maximum of 255 characters can be entered. Characters that can be used include alphanumeric characters, as well as . and -. |
|
jp1base.jp1BaseLHostName |
A maximum of 255 characters can be entered. Characters that can be used include alphanumeric characters, as well as . and -. |
|
OS.osUserName |
A character string of no more than 20 characters can be entered. It cannot include <, >, |, ;, &, `, or a trailing \. In case of executing this service to Linux, it cannot include multibyte character. |
|
OS.osUserPassword |
A character string of no more than 64 characters can be entered. It cannot include <, >, |, ;, `, or a trailing \. In case of executing this service to Linux, it cannot include multibyte character. |
|
OS.osUserPasswordReEnter |
A character string of no more than 64 characters can be entered. It cannot include <, >, |, ;, &, *, ?, ", %, or a trailing \. In case of executing this service to Linux, it cannot include multibyte character. |
|
OS.userType |
Select one of the following values: local,domain |
|
jp1base.jp1UserName |
A maximum of 31 characters can be entered. Characters that can be used include alphanumeric characters, as well as !, #, $, %, ', -, @, _, ~. |
|
jp1base.jp1UserPassword |
A character string of between 6 and 32 characters can be entered. Characters that can be used include alphanumeric characters, as well as !, #, $, %, ', -, /, =, ?, @, [, ], ^, _, {, } and ~. |
|
jp1base.jp1UserPasswordNew |
A character string of between 6 and 32 characters can be entered. Characters that can be used include alphanumeric characters, as well as !, #, $, %, ', -, /, =, ?, @, [, ], ^, _, {, }, and ~. |
|
jp1base.jp1UserPasswordReEnter |
A character string of between 6 and 32 characters can be entered. Characters that can be used include alphanumeric characters, as well as !, #, $, %, ', -, /, =, ?, @, [, ], ^, _, {, }, and ~. |
Flow specification details
The following table shows the detailed specification of the flow:
|
Hierarchy |
Display name |
Plug-in |
|||
|---|---|---|---|---|---|
|
Plug-in name |
Version |
Description |
Error recovery method |
||
|
1 |
checkOS |
Flow Plug-in |
-- |
Determines the OS type of the JP1 authentication server or agent server. |
-- |
|
1-1 |
Output OS type |
01.00.04 |
Ascertains the OS of the JP1 authentication server. |
Eliminate the cause of the error, and then re-execute the service. |
|
|
1-2 |
Output OS type |
01.00.04 |
Ascertains the agent server OS. |
Eliminate the cause of the error, and then re-execute the service. |
|
|
2 |
osChangePassword |
Flow Plug-in |
-- |
Changes the password for an OS user. |
-- |
|
2-1 |
Standard Output Plug-in |
01.00.00 |
Outputs the value of a variable. |
Eliminate the cause of the error, and then re-execute the service. |
|
|
2-2 |
Compatible Plug-in |
-- |
Sets the value of a variable to a macro variable in AJS. |
Eliminate the cause of the error, and then re-execute the service. |
|
|
2-3 |
Compatible Plug-in |
-- |
Ascertains whether an OS user name has been specified. |
Eliminate the cause of the error, and then re-execute the service. |
|
|
2-3-1 |
Change password for OS user |
01.00.04 |
Changes user passwords on an agent server (or server domain). |
Eliminate the cause of the error, and then re-execute the service. |
|
|
3 |
jp1baseChangeUserInfo |
Flow Plug-in |
-- |
Updates OS user information registered in JP1/Base. |
-- |
|
3-1 |
Compatible Plug-in |
-- |
Ascertains whether an OS user name has been specified. |
Eliminate the cause of the error, and then re-execute the service. |
|
|
3-2 |
Flow Plug-in |
-- |
Updates OS user information registered in JP1/Base. |
-- |
|
|
3-2-1 |
Output OS type |
01.00.04 |
Determines the OS. |
Set the value after changing to the new and old password of the JP1 user, and then re-execute the service. |
|
|
3-2-2 |
Standard Output Plug-in |
01.00.00 |
Outputs the value of a variable. |
Set the value after changing to the new and old password of the JP1 user, and then re-execute the service. |
|
|
3-2-3 |
Compatible Plug-in |
-- |
Sets the value of a variable to a macro variable in AJS. |
Set the value after changing to the new and old password of the JP1 user, and then re-execute the service. |
|
|
3-2-4 |
Compatible Plug-in |
-- |
Determines whether or not the OS is Windows. |
Set the value after changing to the new and old password of the JP1 user, and then re-execute the service. |
|
|
3-2-5 |
Change password management information in JP1/Base |
01.00.04 |
Changes passwords of mapping users of JP1/Base of a specified server. |
Set the value after changing to the new and old password of the JP1 user, and then re-execute the service. |
|
|
4 |
jp1baseChangePassword |
Flow Plug-in |
-- |
Changes the password for a JP1 user. |
-- |
|
4-1 |
Standard Output Plug-in |
01.00.00 |
Outputs the value of a variable. |
Eliminate the cause of the error, and then re-execute the service. |
|
|
4-2 |
Compatible Plug-in |
-- |
Sets the value of a variable to a macro variable in AJS. |
Eliminate the cause of the error, and then re-execute the service. |
|
|
4-3 |
Compatible Plug-in |
-- |
Ascertains whether a JP1 user name has been specified. |
Eliminate the cause of the error, and then re-execute the service. |
|
|
4-3-1 |
Change JP1 user password |
01.00.04 |
Changes the JP1 user password on a specified authentication server. |
Eliminate the cause of the error, and then re-execute the service. |
|