Password reset using PMP Agents

(Feature available only in Premium Edition. This document is applicable only for PMP versions 6303 and earlier. If you are using PMP 6400 and later, click here.)

PMP provides the option to remotely change the password of select resources by deploying PMP agents. As of now, this facility is available for changing the password of servers - Windows, Windows Domain and Linux alone. Using this utility, you can change the password of a server present in a remote location, from the PMP web interface itself.

The agent could be used in target machines to which the PMP server can connect and effect password changes. All password related communication is over HTTPS and is secure. The agent is useful in cases when,

  • the PMP server runs in a Linux system and has to make password changes to Windows resources
  • the required administrative credentials are not available in the PMP server to make the password changes from remote
  • to change the password of domain accounts without the administrator credentials of the domain controller

Downloading the PMP Agent

The PMP agent package is dynamically created by the PMP server to include the SSL certificate of the PMP server, that is used for the HTTPS communication between the server and the agent. So, the only place to download the agent is from the 'Admin' tab of the PMP web GUI. The agent package is a zip file containing the necessary executables, configuration files and the SSL certificate. Download the agent based on the OS of the target and just unzip the package.

Installing the PMP Agent in Windows

The package has all the necessary configuration already created by the server. Make sure the account in the system in which the agent is installed has sufficient privileges required to modify passwords.

To install the PMP Agent as a Windows service,

  • Open a command prompt and navigate to the PMP agent installation directory
  • Execute the command 'AgentInstaller.exe start'

To install the PMP Agent as a Windows service,

  • Open a command prompt and navigate to the PMP agent installation directory
  • Execute the command 'AgentInstaller.exe stop'

To install the PMP Agent as a Windows service,

    The default port in which the agent listens to the triggers from the server for password reset is 5768. To change this to a different value,

  • Go to the PMP agent installation directory
  • Open the file Agent.conf
  • Modify the parameter ScheduleInterval. to the value you require
  • Restart the agent service

Installing the PMP Agent in Linux

The package has all the necessary configuration already created by the server. Make sure the account in the system in which the agent is installed has sufficient privileges required to modify passwords.

To install the agent as service

  • Execute the command "sh installAgent-service.sh install" to install the agent as service

To start the agent

  • Execute the command "sh installAgent-service.sh start"

To stop the agent

  • Execute the command "sh installAgent-service.sh stop"

To uninstall the agent as service

  • Use the command "sh installAgent-service.sh remove", in case you wish to remove PMP Agent as service

Configuring the port

The default port in which the agent listens to the triggers from the server for password reset is 5768. To change this to a different value,

  • Go to the PMP agent installation directory
  • Open the file Agent.conf
  • Modify the parameter ScheduleInterval to the value you require
  • Restart the agent service

To remotely change the password,

  • Go to 'Resources' Tab
  • Click the name of the resource whose password has to be changed remotely
  • Click the "Change Password" icon

Troubleshooting

If the password changes do not take effect in the target systems, check

  • if the agent port is reachable from the server through a TCP connection (using telnet)
  • if the account in which the agent is installed has sufficient privileges to make password changes

©2014, ZOHO Corp. All Rights Reserved.

Top