4 Replies Latest reply: Jan 30, 2013 10:40 AM by Bill Robinson RSS

change the bladmin user name to something else

david@belmont-ss.com

We are working with a client with an existing BSA installation and they have set the bladmin up in AD so it is a network user.

Our mission is to install CLM 3.0 on the same managed network as thier existing BSA installation - even though we recommend that they do not.

So our issue is when we install the BSA appserver for CLM the service will not start because of the network user bladmin (for which we do not have the password).

 

So my question is - can we use a different user for bladmin - or is it hard coded into the app server?

 

 

** Note - we are assuming this is the problem.

When we attempt to start the appserver (/etc/init.d/blappserv start) we are prompted for a password - and we have never seen that before.

And the password is not the password set in blasadmin

  • 1. Re: change the bladmin user name to something else
    Bill Robinson

    there should be a way to install the appserver if the bladmin id already exits, it's possible that when the installer runs it's not able to lookup the user, then fails later when the useradd runs.  you could temporarly disable the AD (what is it - centrify or something?) on the target box, run the installer and then fix up the ownership after the fact.

  • 2. Re: change the bladmin user name to something else
    david@belmont-ss.com

    Thanks Bill - will give that a try

  • 3. Re: change the bladmin user name to something else
    david@belmont-ss.com

    Assuming we can disable the LDAP lookup on the target box and run the installer and the installer successfully creates a local user called bladmin, when we reconnect the target box to LDAP would there be any password confilict between the local and the network user bladmin?

     

    I am assuming that the bladmin linux user is hard coded somewhere in BSA and that the password for the bladmin user is stored somewhere (in the database perhaps?).  When the service is started/restarted which user will it attempt to authenticate against?  Is the "hard coded" bladmin specifically a local user - as in bladmin@localhost or are we hoping/assuming that the authentication will always be done locally first.  I am not sure how the client has the ldap bindings set up and changing them may be extremely difficult.

     

    Can the bladmin linux user be changed or is it really hard coded and can never be changed?

  • 4. Re: change the bladmin user name to something else
    Bill Robinson

    i don't believe there is a password created for the bladmin user - it should be locked. so you can su - to the user but you can't login as the user.

     

    afaik it's hardcoded - i'm sure it's possible to run it under a different account name if you can get it installed but it's not something we've tested or officially support.  you'd need to modify the init script to su to a different user and you'd need to chown the files that are currently owned as bladmin to another user.

     

    you should be able to disable ldap, run the install, remove the local bladmin account, re-enable ldap, chmod all the files and go from there.