cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Automating ePO Admin and SQL Password Rotation

I am looking for a way to automate password rotation for the administrator account in ePO and for the sql sysadmin account. I believe I can use the API to change regular user passwords, but the admin password wouldn't work this way just like it's grayed out in the Users list in the ePO console.

I'm familiar with the Pre-Installation Auditor tool as well as the "Restore Administrator Access" options to rotate the admin password manually but am wondering if there's any way I could run these operations through the command line - ePIP unfortunately gets "found corrupted files" trying to run it from CMD (although it works if I double click the file).

I'm also familiar with the core/config-auth screen which would allow me to reset the SQL password, but again I'm looking for a way to do this from CMD/Powershell instead of having to do it manually.

This is a prototype/dev environment, so I have no qualms about doing unsupported operations and have already done unspeakable things to my server to implement other automations, including editing the ePO database and the java keystore directly. If there is a way to do these two password rotations, even if it is strongly recommended against, I'll happily do it. Any assistance would be greatly appreciated!

2 Replies
rgc
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 3

Re: Automating ePO Admin and SQL Password Rotation

The error: Found corrupted files is coming from the old ePO package, which contains the expired certificate.

You have to download the ePO package from the download site and try the EPIPA tool to get this ork.

For more information: KB91682

The working EPIPA tool build is: 3.1.0.189

You can reset the password for admin user through the URL as below.
https://localhost:8443/core/restore-admin 

It will ask for the ePO to SQL connection credentials, and if you type new password it will be applicable for the admin user...


Raghavendra GC
McAfee Technical Support – APAC
Customer Success Group
www.mcafee.com

Re: Automating ePO Admin and SQL Password Rotation

Thanks for your response. I'm aware that I can use the restore-admin site to manually rotate the password, but I'm looking for a way I can automate this process in a script.

The EPIPA tool does open as a GUI, it's only if I try to run it from the command line that it gets that error. I was hoping that maybe it can be run like the ePO installer, for example C:\tools\EPIPA.exe username=epoadmin newPassword=mynewpassword123. As far as I can tell from the documentation, this functionality doesn't seem to exist.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community