I have a Windows BF install using an SQL database on a remote server. When the database was created, SQL credentials were used to create it with an sa user. Since that time the password for the sa user has been lost. The DBA has created a new user with sysadmin authority and they want us to use this new user to perform the upgrade from version 10.0.1 to 10.0.3. How can I change the user that the application uses to connect to the database? Since the sa user is also used for other databases the DBA refuses to change the password for the sa user. I have tried to change the ODBC drivers and that lets me connect but when I try and run the upgrade I get an error message that the user does not have authority.
Strangely enough, I had to do this just today.
First change the user account name in the Registry. It should be in a value in the Registry at HKLM\Software\Wow6432Node\BigFix\Enterprise Server\Database.
Then, update the encrypted password using the BESAdmin.exe utility from the BES Server directory as described at Changing the database password
.\BESAdmin.exe /updatepassword /type=<server_db|dsa_db>
[/password=] /sitePvkLocation=<path+license.pvk>
[/sitePvkPassword=<pvk_password>]
All the parameters are optional except /updatepassword /type=server_db, you’ll be prompted for the PVK path, PVK password, and new Database password.
When done, run BESAdmin without any options to verify it connects to the database, and then restart the BigFix Server services (BESRootServer, FillDB, and GatherDB)
Hope this helps, let us know if you have any trouble with it.
1 Like
Thanks for the information. I am still having one problem. It appears the BESAdmin command is not updating the password field in the Registry key. I save the value into a new value called OldPass and cleared the current value. When I ran the BESAdmin command the Password value did not update. How can I obtain the correct encrypted value to into the key?
You did run it with the “/updatepassword” parameter? That was saving it into the registry for me yesterday…
Maybe be sure to run it from an Elevated command prompt? That comes to mind as a reason it could run but could fail to update the registry
I was logged in as the administrator so the command prompt was opened as administrator and yes I used both the updatepassword and type-server_db flags. I tried deleting both the user and the password but neither the user nor the password was updated when I did that. I think you have the right answer. Is there some Windows utility that will let me generate the encrypted password?