Impact of changing the service account password used for installation

Question ID: 109332
0
0

Hello All,

we have used a service account to install our applications (ALM, ALM PC, Synchronizer) and now we wanted to change the password of this account since its known to most of them. will there be any impact on applications after changing it? any pre and post checks to done..! kindly please advise

Marked as spam
Posted by (Questions: 5, Answers: 2)
Asked on February 19, 2020 2:22 am
18 views
Answers
0
Private answer

Hello,

Yes there are possibly many ramifications but it is impossible to tell without knowing where and how that service account is being used on your system.  I'll provide some possible scenarios here:

If the service account is being used for communication between network resources (as this is one of the reasons for using a service account), any resource that is authorized to be used by the service account, such as a Network Accessed Storage drive (NAS), will not be able to authorize onto the network and access the files located within until the service account information is updated on the ALM/PC server.  That could mean if your repository is stored on a NAS that the entire repository isn't available and your projects stop responding and the ALM working correctly as it can't access any of the repository.

I have also seen it where only certain resources, such as say automation specific files were designed by the automation team to be remotely stored separately and although the remainder of ALM worked without issue as the repository was still accessible as it was locally stored on the ALM server but anything trying to be accessed or used that required those specific automation files were inaccessible and the action failed but affected nothing else related to ALM.

I have seen it where the DB stopped connecting to ALM as the passwords differed and wouldn't allow the connection to be made, as well as having issues authenticating users as the same service account was used to access and authenticate the LDAP servers but all of ALM and the DB used a different account so although ALM started correctly and worked as designed no users were able to log in and authenticate through the LDAP servers as the cached password for the service account was different than the newly changed password.

Basically to summarize, if you change the service account password, make sure and find out and update all instances of where the account is used as not all locations will automatically get updated with the change.  Products like ALM will continue to work normally until they are restarted or at which time they need to reauthorize and then they will fail (I have seen the system run for a month and then take an update, restart and the cache was cleared and now the passwords mismatched and the authorizations and the start up of the application fails but ran fine for a month after because of the cached situation).

 

Hope this helps,

Dan

Marked as spam
Posted by (Questions: 0, Answers: 701)
Answered on February 20, 2020 10:20 am