cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Change password of fnms install account

Hi, Would there be any impact to FNMS if customer change the password of existing installing administrator account i.e. fnms admin ? Thanks, Intan
(1) Solution
mfranz
By Level 17 Champion
Level 17 Champion

Hi Intan,

It depends. Does anything run under the installing admin account (services etc.)? Ideally you would have 2 accounts:

  1. An installing admin account (personalized). Password can be changed regularly.
  2. A service account (technical account, not linked to a natural person), to run all the services, application pools, schedules tasks, etc. Password should not be changed.

Should the account be of the second type, you would have to update the password everywhere the account is set up to run something.

Best regards,

Markward

View solution in original post

(3) Replies
mfranz
By Level 17 Champion
Level 17 Champion

Hi Intan,

It depends. Does anything run under the installing admin account (services etc.)? Ideally you would have 2 accounts:

  1. An installing admin account (personalized). Password can be changed regularly.
  2. A service account (technical account, not linked to a natural person), to run all the services, application pools, schedules tasks, etc. Password should not be changed.

Should the account be of the second type, you would have to update the password everywhere the account is set up to run something.

Best regards,

Markward

If this is the account was used to configure FNMS changing the password will cause problems because the password is cached in the application configuration. To complete this in the past I was able to get all the passwords updated by re-running all the configuration (powershell) scrips that were completed when you do an upgrade or installation. These are the scripts that are in the documented under 'Configure the System'.

After that I had to update the service account passwords on the beacon and Business Adapter configurations.  If you have a policy against non-expiring passwords this can introduce quite a bit of work and additional risk.  I wish Flexera would come up with a much easier process to complete this process because non-expiring passwords are becoming a thing of the past.

Forced by interal security we needed to change our Service Account password of FNMS. The config.ps1 failed, and we needed to change all passwords set manually. This was very time consuming. 
The cause of the fail was that the SQL services used the same service account. Also depending on the settings of the account the service account can be locked. So stop all scheduled tasks and services (Application and beacon servers) upfrony.
So hopefully Flexera will indeed create a simple solution for password chnages.