Changing Passwords and Accounts in MOM

  • Article

You might need to change the passwords of MOM accounts, because your security policy might require passwords to expire and be changed on a regular basis. When you do this, there is a best sequence to follow:

Changing the Management Server Action Account Password

  1. Change the accounts password on the local computer or the domain. If this is a local account you can do this using the Local Users and Groups snap-in. If this is a domain account, you can use the Active Directory Users and Computers snap-in.

  2. Change the password that MOM uses by using the SetActionAccount.exe utility. Directions for this utility are in the "Action Account Password Changes" section of this guide.

  3. Restart the MOM Service on the Management Server.

Changing the MOM Agent Action Account Password

  1. Change the accounts password on the local computer or the domain. If this is a local account you can do this using the Local Users and Groups snap-in. If this is a domain account, you can use the Active Directory Users and Computers snap-in.

  2. Change the password that MOM uses by using the SetActionAccount.exe utility. Directions for this utility are in the "Action Account Password Changes" section of this guide.

  3. Restart the MOM Service on the managed computer.

Changing the DAS Account Password

  1. Change the accounts password on the local computer or the domain. If this is a local account you can do this using the Local Users and Groups snap-in. If this is a domain account, you can use the Active Directory Users and Computers snap-in.

  2. Update the password for the Identity for the Microsoft Operations Manager Data Access Server COM+ application. You can do this in the Component Services snap-in.

  3. Stop the COM+ application and then restart it.

Note

    If you are changing the Management Server Action Account and the DAS account at the same time, you must change the Action Account first, then the DAS account, and then stop the MOM Service before stopping the COM+ application. Starting the MOM Service will also start the COM+ application.

If the MOM Service will not start, it might be because the DAS account has not been changed properly or the password has expired.

Changing the DAS Account

You can change which account MOM uses for the Data Access Service (DAS) functionality. The account must be a domain account with at least the following properties:

  • Member of the MOM Users group on the Management Server.

  • A SQL Server Logon with "Permit" server access and "db_owner" (DBO) access to the OnePoint database on the MOM Database Server.

  • A SQL Server Security Login with "Permit" server access.

  • The DAS account must also be a member of the SC DW DTS security groups on the MOM Reporting Server and MOM Database Server, if MMPC is installed using the DAS account.