July 6th, 2017 03:00

ESA-2017-011: EMC ESRS Policy Manager Undocumented Account Vulnerability

I am running ESRS Policy Manager 6.6 on a Windows machine and instructions provided in https://support.emc.com/kb/483941 do not work.

ldappasswordmodify is not a batch file but a shell script, so obviously it's not going to work on a Windows box. Do you have proper instructions?

Thank you

July 6th, 2017 03:00

Hello.

The ldappasswordmodify.bat file can be found here: \ESRS\PolicyManager\OpenDS-1.0.0\bat

However there are a few other issues as well. It has been reported and our team will take a look at this article to make sure it'll work correctly for MS Windows.

Keep in mind though that version 6.8 of the Policy Manager does not have this security vulnerability (but it would need to have a fresh installation as a code update is not possible).

Best regards,

Steffen Gutzeit

July 6th, 2017 08:00

Steffen,

Seriously? I have to build a brand new Policy Manager server, you can't upgrade my 6.6 install?

July 6th, 2017 09:00

The ldappasswordmodify.bat file is actually located here for MS Windows (when using the default installation path): C:\EMC\ESRS\PolicyManager\OpenDS-1.0.0\bat

Try running the command seen in the procedure again please (ldappasswordmodify.bat -h localhost -p 389 -D "ou=admin" -w admin -A -c admin -n admin1) and make sure to run the command prompt as an Administrator. Does it work for you now?

For the code upgrade, I'm afraid that is the case and it would actually require a fresh installation.

Best regards,

Steffen

July 6th, 2017 10:00

Steffen,

The new command worked and I was able to get into PM after updating server.xml. Thank you for that.

So how would I transition from a Windows PM 6.6 to Linux PM 6.8? Is Linux PM provided as a vApp?
