Update Passwords in your Aternity Deployment

You may want to change the passwords on the servers in your Aternity installation, for security reasons and to comply with corporate policy. You can change passwords on all or some of the servers at the same time.

The process for changing passwords on all of the servers may take several hours, during which time Aternity servers and dashboards will not be available, and Aternity will not collect data from monitored devices.

Aternity on-premise topology

Before you begin

Ensure that you have administrator credentials for the Aternity Aggregation Server, Management Server, Data Warehouse Server, Dashboard Server, Docker Components Server, and Vertica Database Server.

Your DBA should be available to make changes to the Oracle Database Server.

Note

You will have to reinstall the Dashboard Gateway and Aternity Docker Components Server as part of this procedure. If you are deploying Aternity in an air-gapped network, download the files and packages you need to install these components, before beginning the setup procedures. Learn more.

Procedure

  1. Step 1 Sign in to the Aternity Aggregation Server, Management Server, Data Warehouse Server, and Dashboard Server as an administrator.
    Important

    If you have more than one of any of these servers, you must sign in and change the password on each host computer.

  2. Step 2 Stop the AternityPlatform service on these servers, in this order:
    1. Management Server

    2. Aggregation Server

    3. Data Warehouse Server

    4. Docker Components

    To stop the services, you must sign in to each computer as an administrator, and access the Windows Services screen.

  3. Step 3 Stop the Aternity Docker Components Server.

    Log in to the Aternity Docker Components Server as a user configured to run Docker Components as a non-root user. Learn more.

    In the aternity-docker-admin home directory, run the command ./aternity-docker-admin stop. This stops all Docker components.

    Running commands as root is not necessary if a non-root user was correctly predefined in the sudoers file. Learn more.

  4. Step 4 On the main Dashboard Server, stop the Tableau service by opening a command prompt as administrator and entering tabadmin stop.

    Navigate to <setup_dir>\Tableau\Tableau Server\<version>\bin then enter tabadmin stop

    Stop the server on the main Dashboard Server
  5. Step 5 On the Dashboard Server, stop the Aternity Tableau Gateway service.
  6. Step 6 (DBA task) Sign in to the Oracle Database Server and change the ATERNITY and GR schema passwords by running alter user <name> identified by '<new_password>'.
    Change the schema passwords
    Important

    The ATERNITY schema password on the Oracle Database Server and the Vertica Database Server must be identical, so if you change one, you must change the other to match.

  7. Step 7 On the Vertica Database Server, change the database admin password.
    1. a Sign in to the Vertica Database Server host computer, and switch to the database admin user, such as dbadmin, using su <user name>.
    2. b Run the Vertica administration tool by entering admintools.
      Vertica's database administrator tools
    3. c Select Connect to Database and provide the password of the Vertica Database Server admin.
    4. d Change the database administrator's password by running alter user <name> identified by <new_password>.
      Change the administrator's password
  8. Step 8 On the Vertica Database Server, change the ATERNITY schema password to be identical to the revised ATERNITY schema password in the Oracle database.
    Follow the instructions in the above step using the ATERNITY schema name.
  9. Step 9 Configure Aternity to recognize the revised database credentials.
    1. a On the Management Server, launch the Configuration Tool from the Start menu, by right-clicking it and selecting Run as administrator to start.
      Open the Configuration Tool
    2. b In Database Configuration > Database Connection > Configure Database Credentials, change the password to the revised Oracle Database Server and Vertica Database Server ATERNITY schema password, as well as the revised Vertica Database Server dbadmin password (Superuser credentials).
      Provide the new credentials for the Vertica Database Server
    3. c Change the GR schema password as well.
  10. Step 10 On the Dashboard Server, start the Tableau service by opening a command prompt as administrator and entering tabadmin start.

    Navigate to <setup_dir>\Tableau\Tableau Server\<version>\bin then enter tabadmin start

    Start the Dashboard Server
  11. Step 11 In Windows services, start the Aternity Tableau Gateway service.
  12. Step 12 Update the Tableau administrator password.

    Open a browser, navigate to the Tableau console login page at http(s)://<server ip address>, and sign in as a Tableau user with administrator privileges. Select the Users tab > <server administrator> > Settings > Change Password.

    Change the password for all administrators, but not for any other users.

    Change each administrator's password
  13. Step 13 Reinstall the Dashboard Gateway and provide the new Tableau server admin user password.
    Provide the new Tableau admin password to the Dashboard Gateway

    You can also change the Dashboard Gateway user password (learn more).

  14. Step 14 Access the Aternity Management Server computer.
  15. Step 15 Log in to the computer as a local administrator.

    To verify you are a local administrator on this computer, not a domain administrator, open the System control panel, select Advanced system settings > Computer Name, and confirm the Change button is active.

  16. Step 16 On that computer, launch the Configuration Tool from the Start menu, by right-clicking it and selecting Run as administrator to start.

    When you create any Aternity server it adds the Configuration Tool.

  17. Step 17 Select Tableau Dashboard Loader.
    Select to add dashboard layouts
  18. Step 18 Confirm the details to connect to the Dashboard Gateway on the Aternity Dashboard Server.
    Confirm the connection details to the Dashboard Gateway on the Dashboard Server
    Field Description
    Hostname / IP Address

    Enter the hostname or IP address of the Dashboard Gateway (which is the same as the Aternity Dashboard Server).

    Port

    Enter the port of the Dashboard Gateway, which you entered when creating the Dashboard Gateway.

    This is NOT the port for direct user access to the dashboards. This is the Dashboard Gateway port.

    Username / Password

    Enter the username and password of the Dashboard Gateway, which you entered when creating the Dashboard Gateway.

    Select Next to test the connection details to the Dashboard Gateway, which may take longer than expected.

  19. Step 19 Select Use an Existing Site and select the site name you used in your existing setup.
    Use the Tableau site as the target to save the dashboard layouts
  20. Step 20 Either select the dashboard layouts delivered with the setup package, or if you downloaded a custom dashboard package, select that option and browse to the file.
    Add the layouts built-in to the setup or a separate patch update
    Field Description
    Dashboards Shipped with Setup

    Select to add the dashboard layouts which are built-in to this Configuration Tool, if you did not download a separate dashboard layout package.

    Custom Dashboard Content

    Select to browse to a separate downloaded dashboards package.

  21. Step 21 Start the AternityPlatform service on these servers, in this order:
    1. Management Server

    2. Data Warehouse Server

    3. Aggregation Server

    Start the service in the Windows Services screen.

    Important

    If you have more than one of any of these servers, you must start the service on each one.

  22. Step 22 Update all Docker Components with the new passwords in Oracle and Vertica, and start all the components, by doing the following:

    On the Aternity Docker Components Server, in the aternity-docker-admin home directory, run the command: ./aternity-docker-admin reconfigure. This allows you to run commands to change the Messaging Broker and Raw Data Component passwords, if necessary.

  23. Step 23 (Optional) Set passwords for Messaging Broker and Raw Data Component using the Docker administration tool.

    Run ./aternity-docker-admin cassandra set-password and/or ./aternity-docker-admin kafka set-password.

    Important

    If you deploy Aternity with a non-root user, do NOT preface the docker-admin commands with sudo.

  24. Step 24 Open a browser and sign in to Aternity.

    Sign in as the administrator for the next steps.

  25. Step 25 (Optional) If your custom attributes use a connection to the Aternity Oracle Database Server, enter the updated password inside Aternity's settings.

    If you defined custom attributes using a query in the database, select the Gear Icon > Settings > Advanced Settings > Aternity > Dataserver > Handlers > StaticsMessageHandler > DerivedAttrGeneratorManager > generatorsData, and enter the new password in the xml file.

    Change the database password if your attribute mapping is database dependent
  26. Step 26 Select User Icon > Change Password.