• Search Forums
    Advanced Search Topics Posts
Prev
Next
Forums Infor / Lawson Platforms S3 Systems Administration

Bad admin password for ssoconfig

 11 Replies
 0 Subscribed to this topic
 27 Subscribed to this forum
Sort:
Author
Messages
George Graham
Veteran Member Send Private Message
Posts: 201
Veteran Member
7/15/2013 2:59 PM
For some reason ssoconfig password has stopped working. Tried to initiate the recovery process but smtp server that was setup is not valid as well. Any other thoughts other than trying to restore ldap?
Roger French
Veteran Member Send Private Message
Posts: 549
Veteran Member
7/15/2013 5:02 PM
Have you tried reviewing your install config doc?
George Graham
Veteran Member Send Private Message
Posts: 201
Veteran Member
7/15/2013 6:42 PM
Yes - the password and smtp settings are actually old - and the smtp settings were evidently not changed on the server after it changed.

Anyone know if the ssoconfig admin password isactually stored in ldap or encrypted in a flat file?
Greg Moeller
Veteran Member Send Private Message
Posts: 1498
Veteran Member
7/15/2013 7:02 PM
Look in $LAWDIR/system/install.cfg file for SSO_CONF_PASSWORD
George Graham
Veteran Member Send Private Message
Posts: 201
Veteran Member
7/15/2013 7:15 PM
That one is not/was not the current password. The correct password worked as of last week and had been changed since the original one during the install.
Greg Moeller
Veteran Member Send Private Message
Posts: 1498
Veteran Member
7/15/2013 7:33 PM
Not sure which ones at the moment, but if you are going to change passwords, the install.cfg file should also be updated as some of the Lawson stuff reads the file on an on-going basis.
George Graham
Veteran Member Send Private Message
Posts: 201
Veteran Member
7/15/2013 7:50 PM
I may not be communicating this properly - the password for SOME reason just stopped working - so neither what was the correct password nor what is in the install.cfg work. And to complicate this using ssoconfig -r fails as the smtp server originally identified - and what is in install.cfg and authen.dat - so the password recovery process cannot be used. So at this point we can't get into ssoconfig at all. 

That's why I'm asking where that password is truly stored so that we could possibly restore it - or if there is some other alternative.
Roger French
Veteran Member Send Private Message
Posts: 549
Veteran Member
7/15/2013 8:14 PM
If the ssoconfig password was or is the same as the ldap root password, maybe that would be it.

So from what I understand, is that:
1) password doesn't work
2) recovery of the password isn't possible because the smtp server originally identified doesn't work? Did that smtp server also change? How do you know that the smtp server doesn't work?


Are you able at all to get into the Lawson ldap?
George Graham
Veteran Member Send Private Message
Posts: 201
Veteran Member
7/16/2013 12:24 PM
LDAP is accessible and system is working. Trying to get in to do some other changes. When the recovery command is issued getting the following - which the actual SMTP host the message is giving is an old and no longer valid smtp server.

D:\lsftest>ssoconfig -r

Got exception: javax.mail.SendFailedException: Sending failed;
 nested exception is:
       class javax.mail.MessagingException: Unknown SMTP host: xxxxxx.org;
 nested exception is:
       java.net.UnknownHostException: xxxxxx.org
Stack Trace : javax.mail.SendFailedException: Sending failed;
 nested exception is:
       class javax.mail.MessagingException: Unknown SMTP host: xxxxxx.org;
 nested exception is:
       java.net.UnknownHostException: xxxxxx.org
       at javax.mail.Transport.send0(Transport.java:218)
       at javax.mail.Transport.send(Transport.java:80)
       at com.lawson.lawsec.authen.AuthenDat.sendMail(AuthenDat.java:2327)
       at com.lawson.lawsec.authen.SSOConfig.main(SSOConfig.java:176)

 
Kwane McNeal
Veteran Member Send Private Message
Posts: 479
Veteran Member
7/16/2013 12:35 PM
George,
The password for ssoconfig is *not* in the LDAP. check LAWDIR/system/authen.dat. If that doesn't work, restore the backup copy from LAWDIR/system/.ssobackup
Do NOT manually edit the file, as it has a verification hash in it.

Kwane
Greg Moeller
Veteran Member Send Private Message
Posts: 1498
Veteran Member
7/16/2013 12:36 PM
How about creating a DNS alias for your old smtp server pointing to your new one?
Kwane McNeal
Veteran Member Send Private Message
Posts: 479
Veteran Member
7/16/2013 12:52 PM
George,
I was thinking the same thing as Greg, and if you go that route just make sure if you add both the CNAME and an MX record.

Kwane