cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
RAGHU_PRATAPA
Level 7
Report Inappropriate Content
Message 1 of 3
‎03-02-2023 09:38 PM

How to create a new Username, Password for ePO console login or ePO SQL DB on a running ePO setup

Hi,

Site has a ePO setup installed and configured, working fine. But site is using  ePO console login with the  Domain account which was set in ePO while installing & configuring login credentials.

Site configuration : ePO-5.10.0, ENS-10.6.1, MA-5.7.

Now site  decided to  not  to use Domain user account & its password  for ePO console  login and want to  create a new username, new password which is  dedicated to ePO only.

We know that ePO login credentials will be created at time of  ePO SQL instance configuration which will be same used by ePO console login. In ePO  console  we didnt  find  any option  for creating a new Username, Password.

Please advise us for exact procedure to be followed for removing  existing  Domain user account login credentials of ePO and  procedure to create a new login credentials  without  disturbing  existing  ePO or SQL database  or any other loss of ePO data or configuration.   

Please let us know any other details required from site.

0 Kudos
Reply
2 Replies
rgc
Employee
Employee
Report Inappropriate Content
Message 2 of 3
‎03-02-2023 11:23 PM

Re: How to create a new Username, Password for ePO console login or ePO SQL DB on a running ePO set

 steps to create SQL user and update to ePO to overcome the domain user dependency.

Step 1: 
Open Sql management studio - Select the SQL server build number and right click properties
Click on security - Select the radio button as below.
SQL server and windows Authentication mode 
Click okay and restart the SQL server service ( mandatory)

Step 2:
Open Sql management studio - Expand - "Security"  -- Logins
Right click on "Logins" - New login
Select == SQL server authentication
Type: Login Name:   ( Example: EPOSA user)
type the password 
If you dont want enforce password policy un check the check box

Click on "Server Roles" in the left pane
Select "sysadmin" checkbox

Click on User Mapping in the left pane
Select the ePO core and events database, and while selecting one by one  ensure db_owner checkbox is selected

Then click Okay to get this created


Step 3:
To check this user is working, login to management studio and select SQL authentication from default windows authentication and type this new user and password to confirm it is logging in and able to expand the databases and epo db is able to expand and all tables are visible.


Step 4: 
Go to  <ePO installed folder>\server\conf\orion    directory.
Take a backup of the db.properties file in this folder.
Like you can copy and do a paste on same folder for one more file to create.

Step 5:
Open the ePO console with core/config page
Https://localhost:8443/core/config 
Login with admin credentials.

It opens the page of the core/config 

 user name: Type the updated new SQL user
User domain: remove the existing domain name and leave it blank
User password: click on change password and type the sql user password

Mandatory: Click on test connection, if this is successful ONLY then click on APPLY button
If this is failing, just close the browser and don't click on apply.

Step 6:   If the step 5 is successful, only then follow this step.

Go to services.msc and stop all 3 ePO services
Start all 3 ePO services and then you can demote the system from the domain and since the epo is using now sql authentication.


Additionally to this,  the windows domain authentication can be used with registered servers - lDAP server configured.
If you have deploy agent configured with windows domain authentication, these will stop working, later you have to update  these places by login to ePO console, if those options been using in this environment.

Go through this KB, this will be helpful
https://kcm.trellix.com/corporate/index?page=content&id=KB51465





Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!


Raghavendra GC - [RGC]
0 Kudos
Reply
cdinet
Employee
Employee
Report Inappropriate Content
Message 3 of 3
‎03-14-2023 01:46 PM

Re: How to create a new Username, Password for ePO console login or ePO SQL DB on a running ePO set

If you are referring to the default admin account created for the purpose of logging into the console (not the database connection), then you can create new users in epo under the users section.  It is advised to keep the default admin account as epo authentication rather than windows, even if you aren't using that account.  The purpose of that is that if windows authentication ever fails for any reason, you still have a way to authenticate to the console.  Otherwise you can follow the instructions for resetting the sql account.  Just make sure it has all the appropriate permissions needed.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community

TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com

Legal Privacy Copyright © 2023 Musarubra US LLC