Blue Coat Home Page Choose a PacketGuide version    

 Feedback

 Search

 Index

What's New?



 Overviews

 Recommendations



   
   
   
   
   
   
   
   
   
   
   
   
   

 Reference

 Product Information
 



 

PolicyCenter Passwords and Interface Security

Limit access to individual PacketShapers and PolicyCenter configurations by setting passwords and securing the interfaces. PolicyCenter users the following passwords.

Password Allowed Functions
PolicyCenter User Login passwords Depending upon their individual roles, users can either modify or view PolicyCenter configurations of individual PacketShapers through their web-browser or command-line interfaces. Users with a look role password cannot change the configurations, and do not have access to individual units. Users with a touch role can access and modify PolicyCenter configurations and individual units in shared mode. A PolicyCenter user's login password can only be changed from PolicyCenter, unless the user login uses RADIUS authentication. See Modify a PolicyCenter User Account.
PacketShaper passwords A look or touch password can be defined for a PolicyCenter configuration and inherited by all PacketShapers assigned to that configuration. PacketShaper passwords can also be configured from the command-line or browser interfaces of each individual unit. See Change Security Settings for PolicyCenter Configuration, below.
Directory Server Password Use this password to manage the connection between PolicyCenter and the Directory Server. The Directory Server password can be changed from PolicyCenter and the Sun Directory Server console. See Change the Directory Server Password, below.
Directory Server Administrator The directory server administrator manages the Directory Server from the Sun ONE Directory Server console. Note the default user ID and password are both admin.


Note:
If a PacketShaper is changed to local mode, you will no longer be able to view or modify the unit with the PolicyCenter Directory Server password. To reenable the directory server password for the PacketShaper, access the unit using its touch password and then return it to shared mode.

Change Security Settings for PolicyCenter Configurations

To view or update passwords or interface security settings for a PolicyCenter configuration:

  1. Access the PolicyCenter browser interface and click the Configurations tab.

  2. Choose a configuration from the configuration tree in the left pane of the Setup window.

  3. From the right pane, select the Setup tab.

  4. From the list of setup pages, select Security. The available security settings appear on the Setup window.  show screen

  5. Verify or modify configuration details.

  6. Click apply changes to update the settings.

Change the Directory Server Password

To change the directory server password:

  1. Click the Setup tab in PolicyCenter.

  2. From the left pane, select the Core Directory Server Setup Category.

  3. Enter the Old Password, then type the New Password. The password can be up to 64 alphanumeric characters, including 0-9, A-Z, a-z, spaces, periods, underscores, and dashes.

  4. Confirm the new password by entering it a second time in the Confirm New Password field.

  5. Click change password. You must now exit PolicyCenter, then log in to PolicyCenter again with your same user name and login password.

Forgot Your Directory Server Password?

If you forget your Directory Server password for PolicyCenter, follow the instructions below.

Directory Server 5.2

  1. Run the Directory Server Console program.

    (Start > Programs > Sun ONE Server Products > Sun ONE Console)

  2. Provide the user ID and password. The default user ID and password are both admin.

  3. In the main Console page, expand the Server Group folder.  show screen

  4. Double-click Directory Server in the tree on the Console page. The Directory Server window will open.

  5. Click the Directory tab.  show screen

  6. Double-click the iqos folder in the directory tree on the left.  show screen

  7. Double-click pscfgw in the list on the right-hand side of the Directory page. This will open the pscfgw Edit Entry window.

  8. Set the Password field to a new password, then click OK.

  9. Access the PolicyCenter command-line interface (Start > Programs > Blue Coat PolicyCenter> PolicyCenter Client).

  10. Log in to PolicyCenter with your existing user name and password, and enter any command; this causes the new directory server password to take affect.

You should now be able to subscribe units to the directory server using this new password.

Directory Server 7.0

  1. Log in to the PolicyCenter Client and disconnect it from the directory server using the command:
    config reset

  2. Navigate to:
    <install directory>\Program Files\Sun\DSEE.7.0.Windows-X86-zip\DSEE_ZIP_Distribution\sun-dsee7\dsee7\dsrk\bin

  3. Open the acispwd.txt file. Instead of password in the userPassword field, enter the new password.

  4. Save and close  the acispwd.txt file.

  5. In a command window, navigate to:
    <install directory>\Program Files Sun\DSEE.7.0.Windows-X86-zip\DSEE_ZIP_Distribution\sun-dsee7\dsee7\dsrk\bin

  6. Enter the following command:
    bin\ldapmodify -h <IP address of Directory Server 7> -p 389 -D cn=dsadmin -w password -f <the entire path to the acispwd.txt>

  7. Connect PolicyCenter back to the directory server, either through the PolicyCenter Client or the browser interface, using the new password. To reset the connection between PolicyCenter and the directory server, go to the directory server machine and do one of the following:

    Access the PolicyCenter command‐line interface and issue the command:
    config set localhost <password>

    Or type http://localhost/ on the browser address bar and complete the getting started setup.

  8. Use the new password you set in the acispwd.txt file to connect to the directory server from a PacketShaper appliance.

Note: The unit configurations that were part of PolicyCenter before the password change will complain of invalid credentials. You will need to reconnect the units to the directory server with the new password.

 

To change security settings for the PolicyCenter software itself, see also:

Modify HTTPS Settings for PolicyCenter

Configure RADIUS for PolicyCenter

Change the Directory Server Host

PacketGuide™ for PacketWise® 9.1