Access Manager: How to change the Active Directory Service Account Password via SSH

system
This article is marked as obsolete.

 

Active Directory configurations can be subject to passwords that have a limited life, and it is not uncommon for a system to use a service account that has a password expiry. When the service account password expires Access Manager will be unable to synchronise the directory.

 

In order to quickly make changes to the service account details we have added a command that you can run through an SSH connection to Access Manager which will update the service account password:

connectors -c <connectorId> <connectorAttributeName>=<value>

 

To find the information you require from Access Manager you should first open SSH remote access from Network->SSH Remote Management->Enable remote SSH management then connect to the system via SSH.

Run the command "connectors", you'll see something this:

ID Name Status Error
1 Default RUNNING  
2 vm WAITING  
3 GoogleApps WAITING  

 

The ID field will be the value you must provide for <connectorID>

The <connectorAttributeName> in this case is directory.serviceAccountPassword

And <Value> is the new password for the service account user

 

Using this information we can determine the command to set the service account of Default with a new password of Pa55w0rd would be:

connectors -c 1 'directory.serviceAccountPassword="Pa55w0rd"'

 

If you wanted to send this command at the point of SSH connection you can include this as an argument with the SSH connection details. Depending on the client system you are using the following SSH commands will perform the password update

Linux:

ssh -t -p <SSH PORT> admin@<IP or HOSTNAME> connectors -c 1 'directory.serviceAccountPassword="Pa55w0rd"'

 

Windows (using Plink):

plink -ssh <IP or HOSTNAME> -t -l admin connectors -c 1 "directory.serviceAccountPassword=Pa55w0rd"

 

You will be prompted to enter the admin user's password, after which the service account password will be set to the new value.