Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products

PowerProtect Data Manager 19.11 Cyber Recovery User Guide

Resetting Cyber Recovery passwords

For security purposes, use the crsetup.sh script to change the Cyber Recovery lockbox passphrase and the Cyber Recovery database and Security Officer (crso) passwords.

Prerequisites

  • You must provide the lockbox passphrase, which is created during the Cyber Recovery installation.
  • Ensure that there are no jobs running before you change the passwords. Otherwise, the Cyber Recovery vault might go to an unsecured state.
  • This procedure is disruptive; it shuts down the Docker container services.

About this task

  • The Cyber Recovery software uses a lockbox resource to securely store sensitive information, such as credentials for application resources and databases. The lockbox securely manages sensitive information by storing the information in an encrypted format.
  • Cyber Recovery microservices communicate with the MongoDB database to access policies and other persisted data. The database is password-protected and only accessible by the microservices that run in the Cyber Recovery environment.
  • As the Security Officer, use the Cyber Recovery UI or Cyber Recovery CRCLI to change the crso password. However, if you forget the crso password or if there is a change in Security Officer, use the crsetup.sh script.

Steps

  1. Log in to the management host and go to the Cyber Recovery installation directory.
  2. Enter the following command:
    # ./crsetup.sh --changepassword
  3. Note the cautionary message.
    It is highly recommended that you create a Cyber Recovery DR backup before changing the password.
  4. When prompted, indicate if you want to create a Cyber Recovery DR backup:
    • If you type y, got to the next step.
    • If you type n, got step 6.
  5. When prompted, enter the MongoDB password.
    The Cyber Recovery software creates a DR backup.
  6. When prompted, enter y to continue the procedure.
    The script stops the Docker container services.
  7. When prompted, enter the current lockbox passphrase.
    If you enter an incorrect passphrase, the procedure exits and restarts the Docker container services.
  8. Optionally, enter and confirm the new lockbox passphrase when prompted.
    If you choose not to change the lockbox passphrase, the script then displays the prompt to change the MongoDB password.
  9. Optionally, enter and confirm the new database password when prompted.
    If you choose not to change the MongoDB password, the script then ndisplays the prompt to change the crso password.
  10. Optionally, enter and confirm the new crso password when prompted.

Results

The passwords are changed, and the script restarts the Docker container services.

NOTE
  • If you enter an incorrect password twice at the confirmation prompts, the script makes no changes and restarts the services
  • If you (as the Security Officer (crso) user) had multifactor authentication enabled, it is disabled when the services start again. Re-enable multifactor authentication.

  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\