06-20-2010 08:56 AM - edited 03-15-2019 11:19 PM
How do you change the password to the administrator users in CallManager 4.1? It is a windows inte
grated password?
06-20-2010 09:38 AM
You can change the OS admin password (e.g. Administrator) using the Microsoft user manager (just as you would for any other account). If you need to modify existing service accounts or the cluster password using the Admin Utility. From the following URL:
You can change the administrative passwords using either one of these methods on Cisco CallManager servers that run on a Windows Operating System. It is necessary to reboot the cluster after you change the passwords in order to remove any potential problems with Windows password caching.
Note: If the Lightweight Directory Access Protocol (LDAP) setting is Microsoft Active Directory instead of DC Directory, you must manually set this password using Active Directory.
Note: The Administrator account serves as the default Windows NT administration account. Cisco CallManager does not use this password.
Choose Start > Program Files > Administrative Tools > Computer Management > Users, select Administrator Account and right-click Set Password.
The Windows Administrator account password is a login password into the physical server. You can change the Windows Administrator password when you press Ctrl+Alt+Delete and click on Change Password.
The CCMPWDChanger tool is used to change the passwords for Directory Manager, CCMSysUser, CCMAdministrator, and IPMASysUser.
From the Cisco CallManager, choose Start > Run, type CCMPWDChanger and press Enter. Refer to Change the Password for more details on the CCMPWDChanger tool.
Note: The CCMPWDChanger tool should be used only on the Cisco CallManager Publisher server.
The Admin Utility is used in order to change the services password and synchronize for SQLSvc, CCMServiceRW, CCMService, CCMCDR, and CCMUser in the Cisco CallManager cluster. Run this from C:\Program Files\Cisco\Bin\Adminutility.exe. The Admin Utility changes the cluster private password, which in turn generates new encrypted passwords for the SQLSvc, CCMServiceRW, CCMService, CCMCDR, and CCMUser accounts. Keep this in mind when running this utility. Refer to Check Password Synchronization with the Admin Utility in the Cisco CallManager Cluster for more information on the Admin Utility.
HTH.
Regards,
Bill
Please remember to rate helpful posts.
Please remember to rate helpful responses and identify
06-20-2010 05:38 PM
So if I am reading correct the CM system might either be tied to LDAP authenticaion or use a local DC directory database?
06-20-2010 11:43 PM
rHi
Yeah, you can be integrated to AD with CM4 if you are unfortunate. On the server, go to c:\dcdsrvr and open a file called DirectoryConfiguration.ini. If there is a reference to an AD server on port 389 then you are using AD, if it's 8404 then you are using the built-in LDAP server (DC Directory). The line will look like so:
ldapURL=ldap://server:8404
The 'administrator' account is still a Windows account even if you are not integrated to AD: it's the local/Windows administrator account on the server.
Regards
Aaron
06-22-2010 01:23 PM
Hello I am not AD integrated. How do you suggest I get access to CallManager web admin page if I do not know the password? I have Windows admin access but cannot login to the CallManager admin webpage.
06-22-2010 01:40 PM
William,
AD integrated or not you should be able to use ccmpwdchanger as described in the link I posted earlier:
If you need step-by-step procedures, then you can use this link:
There are likely some variations between the procedures in the above technote and reallity. So, keep your wits about you. It should be pretty close though. Key point, at step 3 and step 4 you would choose ccmadministrator instead of Directory Manager (from the drop down list). This is going back many moons for me but as I recall the procedure works.
If I recall correctly, the passwords for Directory Manager, ccmadministrator, etc. are stored in the registry (in a hashed format).
HTH.
Regards,
Bill
Please remember to rate helpful posts.
Please remember to rate helpful responses and identify
06-22-2010 01:42 PM
Thanks. We are going to reset with CCMPWDChanger soon, however if I could locate the hash password in the registry I might be able to crack it as I have already cracked one of their MD5 hash passwords.
Do you know where it is stored?
06-22-2010 01:45 PM
I don't recall.
Please remember to rate helpful responses and identify
06-22-2010 02:00 PM
HKEY_LOCAL_MACHINE\SOFTWARE\Cisco Systems, Inc.\Directory Configuration
HTHjava
If this helps, please rate
www.cisco.com/go/pdihelpdesk
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide