Active IQ Unified Manager Discussions

Workflow Change a password on multiple clusters

olson
6,369 Views

Greetings,

                    if you need to replicate the 7mode dfm behavior that allowed you to update a account password for compliance reasons here is a workflow that performs this task.

To use this workflow simply import it. Cick execution -> Credentials create a new credential "other" for hostname "newpassword" the user should be the user you wish to update. The password is the new password you wish to use.

Then simply launch the workflow and select the clusters you wish to update.

The workflow is currently designed to assume the cluster, a SVM could be specified if desired.

To use the workflow after the first time simply update the password.

NOTE: I would strongly recommend a second admin account for wfa on all clusters. WFA would use the alternate credentials to access the systems. If not utilize the 8.2 feature to add the system to AD to ensure that a typo does not prevent access to the systems. if you do not you must update your system credentials after changing passwords or you will lose administrative access to the selected machines.

7 REPLIES 7

FRODOBROWN
6,369 Views

Why does it need to update the system? Could it be just changing the password without updating the system?

olson
6,369 Views

The update to the clusters is changing the password for the desired user. The update to ocum or wfa would also include a password update however that is outside the scope of this workflow. This workflow allows you to update a account on multiple storage systems at the same time.

korns
6,369 Views

Very cool ... keep up the good work!

kramar
6,369 Views

Just tried this but am getting the following error any ideas.

17:32:23.633 INFO  [Change SVM User Password] Connect-Controller -Type CLUSTER -Name cluster821 -Credential  -Vserver  -Timeout 60000

17:32:23.899 INFO  [Change SVM User Password] Connect-NcController (without credentials) -Name cluster821 -Timeout 60000 -ErrorAction Stop

17:42:21.660 ERROR  [Change SVM User Password] Command failed for Workflow 'Change Cdot Password' with error : Command '$Uri = @($input)[0] ; C:\Program` Files\NetApp\WFA\jboss\..\PoSH\profile.ps1;Invoke-WfaCommand -Script './Change_SVM_User_Password7484665372539707838.ps1 -Cluster ''cluster821'' -createauditlog $false -svmname ''cluster821'' '' timed out

17:42:21.957 INFO  [Change SVM User Password] ***** Workflow Execution Failed *****

I also get the following error when issuing get-wfacredentials from powershell on wfa server not sure if it is related

Get-WfaCredentials : Execution URI input line was not set

olson
6,369 Views

Do you have existing credentials set for the array? The "WFA" commands will not work without loading the wfa profile

.\"Program Files\NetApp\WFA\PoSH\profile.ps1"

kramar
6,369 Views

yes, existing credentials are set and work with other workflows without issue.

kramar
6,369 Views

Figured it out there was a typo in the hosts file, thanks!

Public