If unauthorized access to Common Services occurs or unauthorized operations
are performed on the Common Services settings, information such as tokens exchanged between
Common Services and each product might be leaked. In this case, reset and disable the
information that might have been compromised.
-
Log in to the management server as the root user.
If you log in as an ordinary user, use the sudo command to complete the following procedure as the root user.
-
Run the csresettrustrelationship command.
- Command location
- installation-directory-of-Common-Services/utility/bin/csresettrustrelationship.sh
- Format
-
csresettrustrelationship.sh -f
- Option
- Output file
-
The results of running the command are output to the following file:
/var/log/hitachi/CommonService/utility/result_reset_secert.json
Note:- If you run this command, logged-in users might be forcibly logged out.
- This command runs for a period from several minutes to several tens of minutes, depending on the system configuration.
- When the command finishes running, Common Services restarts.
-
Check the content of the output file.
Make sure that the value of the status key is SUCCESS for both the resetSecretResult object and the resetKeyResult object.
If the value is ERROR, restart Common Services, and then rerun the command. If this does not resolve the problem, collect the failure information, and contact customer support.
-
If you are linking with the identity provider by using the SAML
protocol, update the metadata for Common Services in AD FS.
This step is required because when you reset the trust relationship, the authentication key of Common Services is forcibly updated.
For details of the procedure, see Updating the Common Services metadata by using AD FS
-
Run the csreregisterapp command or run the setupcommonservice command to re-register each product registered in
Common Services.
You can use the csreregisterapp command to re-register multiple products at once. For details, see Re-registering each product in Common Services.
- Restart the service of each product registered in Common Services.