Help Center > > User Guide> Managing Active Clusters> Security Management> Changing the Password for a Component Running User

Changing the Password for a Component Running User

Updated at: Dec 31, 2019 GMT+08:00

Scenario

Periodically change the password for each component running user of the MRS cluster to improve the system O&M security.

If the initial password is randomly generated by the system, reset the initial password.

If the password is changed, the downloaded user credential will be unavailable. You need to download the authentication credential again, and replace the old credential with new one.

Impact on the System

The initial password of a component running user is randomly generated by the system and needs to be changed. After the password changes, the MRS cluster needs to be restarted, during which services are temporarily interrupted.

Prerequisites

A client has been prepared on the Master1 node.

Procedure

  1. Log in to the Master1 node.
  2. (Optional) If you want to change the password as user omm, run the following command to switch the user:

    sudo su - omm

  3. Run the following command to go to the client directory, for example, /opt/client.

    cd /opt/client

  4. Run the following command to configure the environment variables:

    source bigdata_env

  5. Run the following command to log in to the console as kadmin/admin:

    kadmin -p kadmin/admin

    The default password of kadmin/admin is KAdmin@123, which will expire upon your first login. Change the password as prompted and keep the new password secure.

  6. Run the following command to change the password of an internal system user. The password change takes effect on all servers.

    cpw component running user

    For example: cpw oms/manager

    For the cluster, the password complexity requirements are as follows:
    • The password must contain 8 to 32 characters.
    • The password must contain at least three types of the following: lowercase letters, uppercase letters, digits, spaces, and special characters which can only be ~`!?,.:;-_'(){}[]/<>@#$%^&*+|\=
    • The password cannot be the same as the username or reverse username.

Did you find this page helpful?

Submit successfully!

Thank you for your feedback. Your feedback helps make our documentation better.

Failed to submit the feedback. Please try again later.

Which of the following issues have you encountered?







Please complete at least one feedback item.

Content most length 200 character

Content is empty.

OK Cancel