Wednesday, 17 February 2016

Structure of PSACCESSPROFILE table in PT8.55 and how to update SYSADM password in PSACCESSPROFILE table?




In PT 8.55, a new table, PSACCESSPROFILE, has been created with longer fields and additional fields. The PSACCESSPRFL table is deprecated and no longer used.
The PSACCESSPRFL table was replaced by the PSACCESSPROFILE table, which is capable of providing a more secure implementation.

Desc PSACCESSPROFILE
Name               Null     Type          
------------------ -------- ------------------
SYMBOLICID         NOT NULL VARCHAR2(8 CHAR)
STM_ACCESS_ID      NOT NULL VARCHAR2(254 CHAR)
STM_ACCESS_PSWD    NOT NULL VARCHAR2(254 CHAR)
STM_ACCESS_PART1   NOT NULL VARCHAR2(128 CHAR)
STM_ACCESS_PART2   NOT NULL VARCHAR2(128 CHAR)
ENCRYPTED          NOT NULL NUMBER(38)    
STM_ENCRYPTION_VER NOT NULL NUMBER(38)    
VERSION            NOT NULL NUMBER(38)

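To update the SYSADM password in the PSACCESSPROFILE table, run the SQL below. The statement has no WHERE clause, so it sets every row in the table, and the password sits in the table as plain text (ENCRYPTED = 0) until it is encrypted.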

UPDATE PSACCESSPROFILE SET STM_ACCESS_ID = 'SYSADM', SYMBOLICID = 'SYSADM1', STM_ACCESS_PSWD = 'SYSADM', VERSION = 0, ENCRYPTED = 0;

Running ENCRYPT_PASSWORD * after the UPDATE statement is now mandatory.

Please use the normally provided methods for encrypting passwords; those fields will then contain the correct information to ensure properly functioning security of your environment's Access ID/Password. The proper methods are:

1. Application Designer -> Tools -> Miscellaneous Definitions -> Access Profiles.
2. CHANGE_ACCESS_PASSWORD via Data Mover bootstrap mode.
3. ENCRYPT_PASSWORD *; via Data Mover bootstrap mode. (Note: this will encrypt any row that has the ENCRYPTED field = 0.)
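
A read-only check to run after ENCRYPT_PASSWORD, added here as an example and not part of the original post: it reports any PSACCESSPROFILE row still at ENCRYPTED = 0 without displaying the password column. It assumes an Oracle database and that ENCRYPT_PASSWORD sets ENCRYPTED to a non-zero value once a row has been processed.

```sql
-- Added audit example (not from the original post). Oracle SQL, read-only.
-- Assumption: ENCRYPT_PASSWORD sets ENCRYPTED to a non-zero value after it
-- has processed a row; the post only states that it picks up ENCRYPTED = 0.
-- STM_ACCESS_PSWD and STM_ACCESS_ID are compared but never selected, so the
-- result can be pasted into a ticket without exposing the credential.
SELECT SYMBOLICID,
       ENCRYPTED,
       STM_ENCRYPTION_VER,
       VERSION,
       CASE
         WHEN ENCRYPTED = 0
              AND UPPER(STM_ACCESS_PSWD) = UPPER(STM_ACCESS_ID)
           THEN 'CLEARTEXT, PASSWORD EQUALS ACCESS ID'
         WHEN ENCRYPTED = 0
           THEN 'CLEARTEXT, RUN ENCRYPT_PASSWORD'
         ELSE 'ENCRYPTED'
       END AS STATUS
  FROM PSACCESSPROFILE
 ORDER BY ENCRYPTED, SYMBOLICID;

-- Single-number gate for a post-change checklist: expect 0.
SELECT COUNT(*) AS CLEARTEXT_ROWS
  FROM PSACCESSPROFILE
 WHERE ENCRYPTED = 0;
```

Any row reported as cleartext means the access password is readable by anyone with SELECT on the table until one of the methods above has been run.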


Another new feature is

SHA-2 Hash Algorithm and 4096 Key size Support
When generating private keys for application server-based digital certificates, by default PT 8.55 uses the SHA-256 with RSA encryption algorithm and the 4096 key size. When using PSKeyManager to generate private keys for web server-based digital certificates, the default signing algorithm is SHA-256 with RSA encryption. In addition, the PSOPRDEFN table features a new column for SHA-2 hashed passwords.

2 comments:

  1. I have run rel855 and rel855n.sql on my database. After that, when I try to log in to Data Mover/Application Designer, it gives me invalid user ID/password. I have changed and encrypted the VP1 password but am still getting the same error. Please help me with this.

    Replies
    1. 1) Find out the permission lists from the table PSAUTHITEM for the Data Mover, by running the query

      select classid, menuname from Psauthitem WHERE MENUNAME='DATA_MOVER';


      2) Find out the role for which the permission list from the above is assigned by running the query

      SELECT DISTINCT ROLENAME FROM PSROLECLASS A,PSAUTHITEM B WHERE A.CLASSID IN (select DISTINCT CLASSID from psauthitem WHERE MENUNAME='DATA_MOVER') AND MENUNAME = 'DATA_MOVER';

      3) Find out the users to which the role names from the result of the above query are assigned by running the query

      SELECT DISTINCT ROLEUSER FROM PSROLEUSER A WHERE A.ROLENAME IN (SELECT DISTINCT ROLENAME FROM PSROLECLASS A,PSAUTHITEM B WHERE A.CLASSID IN (select DISTINCT CLASSID from psauthitem WHERE MENUNAME='DATA_MOVER'));


      If your user does not have the 'DataMover' role, then you can add the 'DataMover' role by updating the Psroleuser table. After adding the role, make sure to purge cache directories in configuration manager before launching Data Mover.

      EXAMPLE:

      insert into psroleuser
      (ROLEUSER,ROLENAME,DYNAMIC_SW)
      values
      ('VP1','DataMover','N')

      for User "VP1".

