Problem: Mistakenly removed user:SYSAD from #DSAdmin group with internal security. How can this be recovered? Resolution: There are a few possible ways to try and get the SYSAD back again if it is still possible to do so. Depending on user ID and rights these are just a few options available: One is to connect as login/password: schemaadmin/schemaadmin And then modify the password of a user in the security management or create SYSAD again. Another way is if all that was done is deleting the SYSAD and schemaadmin users (i.e. left all the groups intact) then what would be required is to (re-)add a user/Account call ‘SYSAD’ (and schemaadmin if required) and make it a member of the #DSAdmin group. If it is no longer possible to get into the ES Admin console (e.g. because the (AD) account is locked out, the password is unknown or the Admin Console refreshes before there is a response), it is possible to remove or reset the security manager, effectively 'unchecking' the "restrict admin access" flag. To do this, delete the mfdsacfg file in the MFDS repository directory and restart MFDS e.g Unix: $COBDIR/../etc/mfdsacfg.xml $COBDIR/../etc/mfdsacfg.dat When MFDS restarts, a new (default) mfdsacfg.dat file is created which won't have "restrict admin access" flag checked, hence it is then possible to get back into ES Admin console, from where the 'security' options can be accessed and either a new ESM can be set for MFDS and/or the specific ESM configuration can be changed (e.g. to change the "Authorized ID" or associated password), or the refresh timer could be increased to allow more time for a response from the ESM. The MFDSACFG.DAT file only affects MFDS, will have no bearing on CAS.
↧
