PingIntelligence

Deleting UUID to propagate a changed password

You can change the password on a single API Security Enforcer (ASE) node and propagate the change to other nodes in the ASE cluster.

About this task

To do this, you must copy the /data directory of the ASE node on which the password has been modified to the other nodes in the cluster.

The /data/ase.store file stores the password information and the universally unique identifier (UUID) of the ASE node. You must delete the UUID of the ASE node with the modified password before copying its /data directory to the other nodes in the cluster. This avoids cluster synchronization issues caused by duplicate UUIDs.

To propagate the changed password to all the nodes in an ASE cluster:

Steps

  1. Change the password for the ASE node.

    For more information, see Change Admin password.

  2. Stop the ASE node.

    For more information, see Stop ASE.

  3. Run the delete-uuid script.

    Example:

    /opt/pingidentity/ase# ./util/delete-uuid
    Deleting uuid  02cdf7b3-dfb7-4d5b-b9a1-171e89664d11
    Success
  4. Verify the successful deletion of UUID by re-executing the delete-uuid script.

    Example:

    /opt/pingidentity/ase# ./util/delete-uuid
    uuid does not exist in database
  5. Copy the /data directory to other nodes in the cluster.