This document outlines the disaster recovery steps for Random Password Manager or Enterprise Random Password Manager.
Random Password Manager and Enterprise Random Password Manager are divided into three components:
- Database
- Password Recovery Website
- Management application, Deferred Processor & Encryption Key
The Database
The database is the single most important component of RPM/ERPM. All system lists, jobs, job settings, passwords, and other information about the managed systems are stored in the database.
What happens if the database becomes unavailable?
When the database becomes unavailable, no component that relies on it will function. In practice, ERPM/RPM stops working until the database is brought back online.
How to Recover from a Database Failure
Restore the database. The exact steps vary with the database product, the tools involved, and company procedures.
If the database is restored to the same database server [name] with the same database name, there is nothing to configure. If it is restored to a different server or under a different database name, ERPM/RPM must be made aware of the change.
To point ERPM/RPM at a different database server or database, open the management console and go to SETTINGS | DATA STORE CONFIGURATION | BASIC SETTINGS. If the database cannot be contacted when the program loads, a message will say so and ask for the current location of the data store.
Enter the new database server name and/or database name.
Once the database is restored, if it has been moved to a new server or renamed, the password recovery websites must also be updated to reflect the new location.
From the main program dialog, click the Manage Web App button in the action pane. Right-click the web instance(s) and select "Update instance(s) with current options".
The Password Recovery Website
The password recovery website contains no settings of its own. Every setting that controls the website is stored in the program data store.
What happens if the password recovery website becomes unavailable?
If only one website was deployed, password recovery via the website will not be possible. However, password change jobs will still run on schedule, provided the management application is running.
To restore a website, from the main program dialog click the Manage Web App button in the action pane, then click INSTALL in the lower left corner.
Choose the server that will host the website and provide the credentials under which the website COM object will run. For details on this account and the server requirements, see the ERPM Installation Guide. All other settings and delegations previously in use are retained by the management console and the program data store.
Click the INSTALL WEB APPLICATION button at the bottom of the dialog.
If the website is being installed to a different location and SSL was previously enabled, it will be necessary to reinstall the SSL certificate to the new web server. Refer to your IIS documentation for steps on installing and managing certificates with Microsoft IIS.
The Management Console
The management console holds very few settings of its own. Specifically, the encryption key, email settings and event sink settings are not stored in the database; they are kept locally on each installed instance of the console.
What happens if the management console system becomes unavailable?
The management console system hosts the deferred processor and the management console. If this system becomes unavailable, scheduled password change jobs and management of system sets will be unavailable until a management console is reinstalled. However, password recovery will still be possible via the password recovery website (if it was installed on a different system than the management console), re-randomization jobs will still be created, and auditing of these events will still occur. The password recovery website operates independently of the management console.
NOTE! The license is tied to a server name. If the management console is re-deployed to a system with the same name, there will be no licensing issues. If it is deployed to a different system name, a new license key must be issued from Lieberman Software. Contact your account rep for a replacement key.
To restore a management console:
Reinstall the application; follow the steps as outlined in the installation guide. During the mini-setup wizard (following first launch), reconnect the application to the original database.
Import the license key from the HELP | REGISTER dialog and restart the application.
For versions prior to version 4.83 (build 100708) re-install the Cross Platform Support library. Go to SETTINGS | EXTENSION COMPONENTS | INSTALL CROSS PLATFORM SUPPORT LIBRARY. Follow the prompts to install to the desired location.
Reinstall the encryption key. Go to SETTINGS | ENCRYPTION SETTINGS. Select the option "Use Encryption for passwords in the database", select IMPORT KEY from the center of the dialog and choose the previously archived encryption key.
Reinstall the deferred processor. Select VIEW JOBS from the action pane. From the 'View Jobs' dialog, select DEFERRED PROCESSOR | CONFIGURE SERVICE.
Input the user name and password for the service account and click INSTALL. After successful installation, a prompt will ask whether to start the service. If yes is chosen, the deferred processor will begin to run and process all past due jobs.
Mail settings are stored in the registry at HKLM\Software[\Wow6432Node]\Lieberman\SMTPSettings. If neither a system state backup (including the registry) nor an export of this specific registry key is available, simply reconfigure the SMTP settings by going to SETTINGS | EMAIL SETTINGS.
The required settings are:
- Sender Email
- Reply-to Email
- Outgoing SMTP Server Name
Event sinks are a separate item. By default, they are stored under %ALLUSERSPROFILE%\Lieberman\GenericEventServer\Version 1.x\EventSinks.
If these files were not previously archived, they will need to be recreated by hand. If they were previously archived, simply copy the existing event sink files into this location. The management console will load these files automatically.
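As an added example (not Lieberman Software's own tooling), the following PowerShell script archives the two console-local items this section says must be restored from an earlier archive: the SMTPSettings registry key (checking both the plain and Wow6432Node locations) and the event sink files. The archive destination, the script's parameter name and the "Version 1.*" wildcard for the version directory are assumptions.

```powershell
# Added example, not Lieberman Software's own tooling: archive the console-local
# state this section says must be restored from a previous archive (the SMTP
# registry key and the event sink files). Run as an administrator on the
# management console host. $ArchiveRoot is a placeholder destination.
param(
    [string]$ArchiveRoot = "\\backup-server\erpm-dr"   # placeholder, adjust
)

$ErrorActionPreference = "Stop"
$stamp  = Get-Date -Format "yyyyMMdd-HHmmss"
$target = Join-Path $ArchiveRoot "console-$env:COMPUTERNAME-$stamp"
New-Item -ItemType Directory -Path $target | Out-Null

# 1. SMTP settings live in the registry. On 64-bit Windows a 32-bit console
#    writes under Wow6432Node, so check both locations named in the document.
$smtpSubKeys = @(
    "Software\Lieberman\SMTPSettings",
    "Software\Wow6432Node\Lieberman\SMTPSettings"
)
$exported = $false
foreach ($sub in $smtpSubKeys) {
    if (Test-Path "HKLM:\$sub") {
        $regFile = Join-Path $target "SMTPSettings.reg"
        reg.exe export "HKLM\$sub" $regFile /y | Out-Null   # /y overwrites silently
        $exported = $true
        break
    }
}
if (-not $exported) {
    Write-Warning "SMTPSettings key not found; re-enter SMTP settings from SETTINGS | EMAIL SETTINGS"
}

# 2. Event sinks are plain files under the GenericEventServer profile directory.
#    The "Version 1.*" wildcard stands in for the exact version directory name.
$sinkParent = Join-Path $env:ALLUSERSPROFILE "Lieberman\GenericEventServer"
$sinkDirs = Get-ChildItem -Path $sinkParent -Directory -Filter "Version 1.*" -ErrorAction SilentlyContinue |
    ForEach-Object { Join-Path $_.FullName "EventSinks" } |
    Where-Object { Test-Path $_ }
foreach ($dir in $sinkDirs) {
    $versionName = Split-Path (Split-Path $dir -Parent) -Leaf
    Copy-Item -Path $dir -Destination (Join-Path $target "EventSinks-$versionName") -Recurse
}
if (-not $sinkDirs) { Write-Warning "No EventSinks directory found under $sinkParent" }

# 3. Write a SHA-256 manifest so the restore side can verify the archive is complete.
$hashes = Get-ChildItem -Path $target -Recurse -File | Get-FileHash -Algorithm SHA256
$hashes | Select-Object Hash, Path |
    Export-Csv -Path (Join-Path $target "manifest.csv") -NoTypeInformation
Write-Host "Archived console-local settings to $target"
```

On the restore side, import the .reg file with reg.exe and copy the EventSinks-* folder contents back to the path named above; the encryption key is imported separately through SETTINGS | ENCRYPTION SETTINGS as described in this section.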
Everything is dead, what now?
If everything has failed, no backups are available for anything (in particular the database), and no high availability of any kind was used in the deployment, all is not necessarily lost.
In the case of Windows domains, if the domain itself is still available, simply reinstall the application and all of its components as outlined above or in the installation guide. Using domain credentials, you can immediately begin re-randomizing passwords on all domain-joined resources reachable with those credentials.
In the case of UNIX/Linux and similar systems that are standalone (not part of a central authority or directory), another root-level account will be required to reset passwords, or another password recovery process must be used. Once the root-level accounts are reset, begin managing them again.
As always, high availability is no replacement for backup. Also, this product can be installed across multiple servers without incurring additional licensing costs from Lieberman Software, and doing so is highly recommended to minimize the impact of a single system failure.