Managing OMT Management Portal Access

At times, you may be unable to log in to the OMT Management Portal with the admin user. When this situation occurs, you can unlock the user's account or reset the user's password.

 

Resetting the OMT Administrator Password

You can reset the administrator password on a OMT installation.

  1. Browse to OMT Management Portal.
  2. Log in using admin USERID and the password you specified during the platform installation in the command line argument. (This URL is displayed at the successful completion of the OMT installation shown earlier.)
  3. In the left navigation page, click IDM Administration.
  4. In the main panel, click SRG.
  5. In the left navigation bar, click Users.
  6. In the list of users on the right, select Admin and click Edit.
  7. In the bottom right, click Remove Password.
  8. Click Add Password.
  9. Enter a new admin password, then click Save.

 

Unlocking the OMT Management Portal User Account

  1. Log in to a master node as root.
  2. To access the shell of the idm container, run the following command:
    3.  kubectl exec -it $(kubectl get pod -n core -ocustom-columns=NAME:.metadata.name |grep idm|head -1) -n core sh -c idm
  3. To unlock the user, run the following command:
    4. sh /idmtools/idm-installer-tools/idm.sh databaseUser unlockUser -org Provider -name admin

Resetting the User's Password

  1. Log in to a master node as root.
  2. Run the following command to access the idm pod:
kubectl exec -it $(kubectl get pod -n core -ocustom-columns=NAME:.metadata.name |grep idm|head -1) -n core sh idm
  1. Run the following command to reset the password to a temporary value. (Replace <new_tmp_password> with your new temporary password.)
sh /idmtools/idm-installer-tools/idm.sh databaseUser resetPassword -org Provider -name "admin" -plainPwd "<new_tmp_password>"
If the user account is locked due to too many failed login attempts, run unlock, as described above in Unlocking the OMT Management Portal User Account.
  1. Log into the OMT Management Portal with the new temporary password, then set the new non-temporary password on the password reset page.
  2. Log in to the OMT Management Portal with the new password.

Accessing the OMT Management Portal Reconfigure Page

At times, you might not be able to access the OMT Management Portal Reconfigure page. For example, this issue might occur when you are trying to perform an upgrade.

In that case, follow the steps below to remedy the issue:

  1. Verify the status of the nginx-ingress-controller DaemonSet :

    NS=$(kubectl get namespaces | awk '/arcsight/{print $1}');kubectl get daemonset nginx-ingress-controller -n $NS

  2. Create a new nginx-ingress-controller.yaml file:

    cd ${K8S_HOME};kubectl get daemonset nginx-ingress-controller -n `kubectl get namespaces | grep arcsight-installer | awk '{print $1}'` -o yaml > \
nginx-ingress-controller.yaml

  3. Ensure that the saved nginx-ingress-controller.yaml file exist in the ${K8S_HOME} home directory (/opt/arcsight/kubernetes) and contains definitions in yaml format.

  4. Delete the current nginx-ingress-controller configuration:

    kubectl delete -f ./nginx-ingress-controller.yaml

  5. Apply the new nginx-ingress-controller configuration:

    kubectl apply -f ./nginx-ingress-controller.yaml

  6. Wait until the nginx-ingress-controller pods are up and running:

    kubectl get pods -n $NS --watch | grep nginx-ingress-controller

  7. Verify the nginx-ingress-controller controller daemonset status:

    kubectl get daemonset nginx-ingress-controller -n $NS