Symantec Data Loss Prevention provides the AdminPasswordReset utility to reset the Administrator's password. There is no method to recover a lost password, but you can use this utility to assign a new password. You can also use this utility if certificate authentication mechanisms are disabled and you have not yet defined a password for the Administrator account.
* INSIGHT Appliance Engineers identified that the AdminPasswordReset utility provided by Symantec in older versions of SDLP does not work as expected, thus it is recommended to use the AdminPasswordReset utility provided by INSIGHT Appliance located in /opt/appliance/ directory
**You must know your Enforce Server database password**
**Highly recommend to not use special characters in the beginning of your new password**
------------------ For SDLP v14.6 and older ------------------------
1. SSH to the Enforce server as Appuser
2. Change to the protect user
sudo su - protect
3. navigate to the /opt/appliance
cd /opt/appliance
4. Run Administrator password reset utility/tool
./AdminPasswordReset.sh -dbpass <oracle_password> -newpass <new_administrator_password>
oracle_password = password to the Enforce Server database,
new_administrator_password = the new password you want to set.
------------------ For SDLP v15.x and newer ------------------------
1. SSH to the Enforce server as Appuser
2. Change to the protect user
sudo su - protect
3. navigate to the /opt/SymantecDLP/Protect/bin
cd /opt/SymantecDLP/Protect/bin
or for 15.1.x navigate to the /opt/Symantec/DataLossPrevention/Enforce Server/15.1/Protect/bin
cd /opt/Symantec/DataLossPrevention/Enforce\ Server/15.1/Protect/bin
4. Run Administrator password reset utility/tool
./AdminPasswordReset.sh -dbpass <oracle_password> -newpass <new_administrator_password>
oracle_password = password to the Enforce Server database,
new_administrator_password = the new password you want to set.
==============================================
To unlock DLP User account
1. Login to Enforce Web Console as Administrator
2. Navigate to System>Login Management>DLP Users
3. Select Users account you want to unlock
4. Uncheck box for "Account Disabled"
5. Save
0 Comments