2.5.35 Change operational user
Function
This service template changes password for OS users and JP1 users, and updates password management information registered in JP1/Base (Windows).
Note that in a CentOS environment, only changing password for OS users is executable.
It is enabled in the following systems:
• Systems in which jobs are executed by an agent server in a job execution environment that uses JP1/AJS3.
• Systems in which automated actions are performed and commands are executed on an agent server in a monitoring environment that uses JP1/IM.
This service template assumes that the following servers are being used.
• JP1 authentication server
Servers running a JP1/Base authentication server. These manage JP1 user information.
• Agent server
Servers on which JP1/Base is installed, and that execute jobs and perform automated actions.
To update administrative users' information to the above systems, the following tasks are performed.
(1) Change the OS user password. (Agent server)
(2) Update the password management information registered in JP1/Base. (Agent server)
(3) Change the JP1 user password. (JP1 authentication server)
Note that when OS user is set, (1) and (2) are performed. When JP1 user is set, (3) is performed. If you set both OS user and JP1 user, (1), (2) and (3) are performed.
If any of the JP1/AO server, the JP1 authentication server and the agent server is Windows, the execution of this services template requires the built-in Administrator. If the built-in Administrator does not exist or is invalid on each server, execute the "Change operational user(SYSTEM)" service template that executes with the system account.
Prerequisites
For the latest support information about [Required product in the System]/[Prerequisite products in the system executing the service template]/[Prerequisite product OS running in the system executing the service template], see the release notes.
[Required product in the System]
JP1/Automatic Operation 12-00 or later
[Prerequisite products in the system executing the service template]
(1) The following version of JP1/Base is running on the JP1 authentication server and the agent server:
Job Management Partner 1/Base 09-00 or later, or
JP1/Base 11-00 or later
[Prerequisite product OS running in the system executing the service template]
(1) Windows Server 2008 R2 Standard/Enterprise/Datacenter
(2) Windows Server 2012 Standard/Datacenter, Windows Server 2012 R2 Standard/Datacenter
(3) Windows Server 2016 Standard/Datacenter
(4) Windows Server 2019 Standard/Datacenter
(5) Red Hat Enterprise Linux Server 6 (32-bit x86), Red Hat Enterprise Linux Server 6 (64-bit x86_64)
(6) Red Hat Enterprise Linux Server 7 (64-bit x86_64)
(7) Red Hat Enterprise Linux Server 8 (64-bit x86_64)
(8) CentOS 6 (64-bit x86_64)
Note: Only changing OS user passwords is executable.
(9) CentOS 7 (64-bit x86_64)
Note: Only changing OS user passwords is executable.
(10) CentOS 8 (64-bit x86_64)
Note: Only changing OS user passwords is executable.
(11) Oracle Linux 8 (64-bit x86_64)
(12) AIX V6
(13) AIX V7
[Usage conditions of prerequisite products in the system executing the service template]
(1) The authentication server of the connection destination is set in JP1/Base on the agent server.
(2) To change the OS user password (or in the case of Windows, to update the password management information), specify the following properties:
common.targetHost
OS.osUserName
OS.osUserPassword
OS.osUserPasswordReEnter
OS.userType (Windows only)
(3) To change the JP1 user password, specify the following properties:
jp1base.certHost
jp1base.jp1UserName
jp1base.jp1UserPassword
jp1base.jp1UserPasswordNew
jp1base.jp1UserPasswordReEnter
(4) If JP1/Base on the agent server is in a cluster configuration, the service can only be executed in the active server environment. If the service was executed at least once on the active server and then a failover occurred, execute the service again by specifying the system environment settings and OS user information parameters, and leaving all the JP1 user information parameters blank.
Cautions
(1) To work with OS users of the domain environment, set property OS.userType to domain.
(2) If you are executing this service in a UNIX environment, do not use multibyte characters in properties.
(3) If specifying multibyte characters and when the agent server OS is Windows, specify the following parameters to be the lengths indicated.
OS user name: 20 bytes
OS user password: 64 bytes
OS user password re-entry: 64 bytes
(4)In order to execute this service, the JP1/AO server (loopback address resolved by localhost) and the server that is the connection destination must be set as agentless connection destinations.
(5)When executing this service for a UNIX environment, make sure that the OS user exists in advance.
Version
03.00.00
Tags
Configure JP1,Base
Property list
The following shows the list of the property groups set in the property:
Property group |
Description |
Initial display |
---|---|---|
System environment information |
Specify the environment information of the agent server. |
Y |
OS user information |
Specify the information for the OS user whose password is to be changed. |
Y |
JP1 authentication server information |
Specify the JP1 authentication server information for the JP1 user to be added. |
Y |
JP1 user information |
Specify the JP1 user information for the password to be changed. |
Y |
The following shows the list of the properties to be displayed in the "Service Definition" window:
- (Legend)
-
R: The property must be specified.
O: The property can be omitted. However, the property might be mandatory depending on what is specified for other properties. See the Description of each property.
Property key |
Property name |
Description |
I/O type |
Shared |
Required |
Property group |
---|---|---|---|---|---|---|
jp1base.certHost |
Host name of the JP1 authentication server |
Specifies the host name of the JP1 authentication server. This must be specified if you want to change the OS user's password. In the case of a cluster configuration, specify the physical host or logical host of the active server. |
Input |
Disabled |
O |
JP1 authentication server information |
jp1base.certHostLHostName |
Logical host name of JP1 authentication server |
Specify the logical host name of the JP1 authentication server (when the JP1 authentication server is in a cluster configuration). |
Input |
Disabled |
O |
JP1 authentication server information |
The following shows the list of the properties to be displayed on the "Service Definition" window and the "Submit Service" window:
Property key |
Property name |
Description |
I/O type |
Shared |
Required |
Property group |
---|---|---|---|---|---|---|
common.targetHost |
Agent server host name |
Specifies the host name or IP add. of the agent server. IPv6 are not supported. This must be specified if you want to change the OS user's password. In the case of a cluster configuration, specify the physical host or logical host of the active server. |
Input |
Disabled |
O |
System environment information |
jp1base.jp1BaseLHostName |
Logical host name of JP1/Base |
Specify the logical host name of JP1/Base on the agent server (if JP1/Base is used in a cluster configuration). |
Input |
Disabled |
O |
System environment information |
OS.osUserName |
OS user name |
Specifies the OS user name from the agent server. This must be specified if you want to change the password of the OS user. |
Input |
Disabled |
O |
OS user information |
OS.osUserPassword |
New password for OS user |
Specifies the new password for the OS user. |
Input |
Disabled |
O |
OS user information |
OS.osUserPasswordReEnter |
Re-enter new password for OS user |
Specifies again the new password for the OS user. |
Input |
Disabled |
O |
OS user information |
OS.userType |
OS user type |
Specify "local" or "domain" as the OS user type. This property only takes effect when the agent server is running Windows. |
Input |
Disabled |
O |
OS user information |
jp1base.jp1UserName |
JP1 user name |
Specifies the JP1 user name on the JP1 authentication server. This must be specified if you want to change the password for the JP1 user. |
Input |
Disabled |
O |
JP1 user information |
jp1base.jp1UserPassword |
JP1 user password |
Specify the password of the JP1 user. |
Input |
Disabled |
O |
JP1 user information |
jp1base.jp1UserPasswordNew |
New JP1 user password |
Specify a new password for a JP1 user. |
Input |
Disabled |
O |
JP1 user information |
jp1base.jp1UserPasswordReEnter |
Re-enter new password for JP1 user |
Specifies again the new password for the JP1 user. |
Input |
Disabled |
O |
JP1 user information |
The following shows the restrictions on inputs to the properties displayed in the "Service Definition" window:
Property key |
Characters that can be input |
---|---|
jp1base.certHost |
A maximum of 255 characters can be entered. Characters that can be used include alphanumeric characters, as well as . and -. |
jp1base.certHostLHostName |
A maximum of 255 characters can be entered. Characters that can be used include alphanumeric characters, as well as . and -. |
The following shows the restrictions on inputs to the property displayed on the "Service Definition" window and the "Submit Service" window:
Property key |
Characters that can be input |
---|---|
common.targetHost |
A maximum of 255 characters can be entered. Characters that can be used include alphanumeric characters, as well as . and -. |
jp1base.jp1BaseLHostName |
A maximum of 255 characters can be entered. Characters that can be used include alphanumeric characters, as well as . and -. |
OS.osUserName |
A character string of no more than 20 characters can be entered. It cannot include <, >, |, ;, &, `, or a trailing \. In case of executing this service to UNIX, it cannot include multibyte character. |
OS.osUserPassword |
A character string of no more than 64 characters can be entered. It cannot include <, >, |, ;, `, or a trailing \. In case of executing this service to UNIX, it cannot include multibyte character. |
OS.osUserPasswordReEnter |
A character string of no more than 64 characters can be entered. It cannot include <, >, |, ;, &, *, ?, ", %, or a trailing \. In case of executing this service to UNIX, it cannot include multibyte character. |
OS.userType |
Select one of the following values: local,domain |
jp1base.jp1UserName |
A maximum of 31 characters can be entered. Characters that can be used include alphanumeric characters, as well as !, #, $, %, ', -, @, _, ~. |
jp1base.jp1UserPassword |
A character string of between 6 and 32 characters can be entered. Characters that can be used include alphanumeric characters, as well as !, #, $, %, ', -, /, =, ?, @, [, ], ^, _, {, } and ~. |
jp1base.jp1UserPasswordNew |
A character string of between 6 and 32 characters can be entered. Characters that can be used include alphanumeric characters, as well as !, #, $, %, ', -, /, =, ?, @, [, ], ^, _, {, }, and ~. |
jp1base.jp1UserPasswordReEnter |
A character string of between 6 and 32 characters can be entered. Characters that can be used include alphanumeric characters, as well as !, #, $, %, ', -, /, =, ?, @, [, ], ^, _, {, }, and ~. |
Flow specification details
The following table shows the detailed specification of the flow:
Hierarchy |
Display name |
Plug-in |
||
---|---|---|---|---|
Plug-in name |
Description |
Error recovery method |
||
1 |
checkOS |
Flow Plug-in |
Determines the OS type of the JP1 authentication server or agent server. |
-- |
1-1 |
Output OS type |
Ascertains the OS of the JP1 authentication server. |
Eliminate the cause of the error, and then re-execute the service. |
|
1-2 |
Output OS type |
Ascertains the agent server OS. |
Eliminate the cause of the error, and then re-execute the service. |
|
1-3 |
Output OS type |
Outputs the OS of the JP1/AO server. |
Eliminate the cause of the error, and then re-execute the service. |
|
2 |
osChangePassword |
Flow Plug-in |
Changes the password for an OS user. |
-- |
2-3 |
Compatible Plug-in |
Ascertains whether an OS user name has been specified. |
Eliminate the cause of the error, and then re-execute the service. |
|
2-3-1 |
Change password for OS user |
Changes user passwords on an agent server (or server domain). |
Eliminate the cause of the error, and then re-execute the service. |
|
3 |
jp1baseChangeUserInfo |
Flow Plug-in |
Updates OS user information registered in JP1/Base. |
-- |
3-1 |
Compatible Plug-in |
Ascertains whether an OS user name has been specified. |
Eliminate the cause of the error, and then re-execute the service. |
|
3-2 |
Flow Plug-in |
Updates OS user information registered in JP1/Base. |
-- |
|
3-2-3 |
Compatible Plug-in |
Determines whether or not the OS is Windows. |
Set the value after changing to the new and old password of the JP1 user, and then re-execute the service. |
|
3-2-4 |
Change password management information in JP1/Base |
Changes passwords of mapping users of JP1/Base of a specified server. |
Set the value after changing to the new and old password of the JP1 user, and then re-execute the service. |
|
4 |
jp1baseChangePassword |
Flow Plug-in |
Changes the password for a JP1 user. |
-- |
4-3 |
Compatible Plug-in |
Ascertains whether a JP1 user name has been specified. |
Eliminate the cause of the error, and then re-execute the service. |
|
4-3-1 |
Change JP1 user password |
Changes the JP1 user password on a specified authentication server. |
Eliminate the cause of the error, and then re-execute the service. |