How to change the password of the Application Identity account

Article:TECH194254  |  Created: 2012-08-01  |  Updated: 2012-10-09  |  Article URL http://www.symantec.com/docs/TECH194254
Article Type
Technical Solution


Environment

Issue



Need to change the password of the Application Identity account.


Solution



1.        Create a separate account that is a Symantec Administrator to the SMP and has DBO access to the Symantec_cmdb database.
2.        Reconfigure the application identity on the console under Settings – All Settings –Notification Server – Notification Server Settings with this separate account.
3.        Verify that the Altiris services are now configured to use the new account.
4.        Once the settings have been changed, restart IIS. IIS may have cached the old credentials.
5.        Take note in the console such as replication credentials or other process that may be using the application identity account as a “specified account” where the account information is entered manually. These locations will also need to be changed to the separate account or changed if possible to use the “Use Application Identity” setting.
6.        Change the password of the original application identity account on the server or within Active Directory depending upon whether this is a local admin account or a domain account.
7.        Test the new password by attempting to log in to the NS with the app identity and new password
8.        Reconfigure the application identity on the console under Settings – All Settings –Notification Server – Notification Server Settings.
9.        Verify that the Altiris services are now configured to use the new account.
10.      Reconfigure the locations in the console that require using the application identity as a “specified account”.
11.      Once the settings have been changed, restart IIS. IIS may have cached the old credentials.

Another method will be using aexconfig.exe utility to set the application account (from \Notification Server\bin directory and run aexconfig /? please see for more options).
   
Use the option /svcid which requires a user name and password. Substitute the appropriate domain, username and password into the syntax below and run the command below in the CMD window from the directory where you have installed the Symantec Management Platform. By default this is C:\Program Files\Altiris\Notification Server\Bin:

AeXConfig.exe /svcid user:<domain\username> password:<password>

Example: AeXConfig /svcid user:superkarate\administrator password:pw.
   
Restart IIS.





Article URL http://www.symantec.com/docs/TECH194254


Terms of use for this information are found in Legal Notices