This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Change Credentials en mass for Nodes

When I was demoing SAM, I set 198 nodes up using my personal AD credentials.  I'd like to change them to a service account I created for subsequent nodes that were added.  Is there a way to do that en mass?

I'd like to get this fixed before I have to update my AD password in the next month or two.

  • You'll first need to create a new set of credentials by going to [Settings -> Windows Credentials]

    Windows Credentials.png

    Once you've created a new set of credentials head over to Manage Nodes [Settings -> Manage Nodes] and group the nodes by polling method. Select "WMI" from the "Group by" options and then choose two or more (or all of them) and click "Edit" properties.

    Polling Methods.png

    From the Edit Properties view select "Polling Method" and choose your new credentials that you created in step 1 above and click "submit".

    Choose Credential.png

  • You can use NCM to create or change a local user account on your edge equipment, if you like doing things via a scripted CLI format.

    1. Create a text script that does exactly what you need.  E.g. on a Cisco IOS switch:

    conf t

    username Fred privilege 15 secret 0 K93/0#!!N0230ssdkj;2389bv

    end

    wr

    2. Copy your script to the clipboard / buffer

    3. Open NCM

    4. Select the nodes on which you want to add or change this user name

    5. Right click on the selected nodes and choose "Execute Command Script"

    6. Paste in the script in the new window

    7. Scroll down and click Execute.

    You're done!

    This works well for changing bulk passwords on anything you manage with NCM.

    Swift packets!

    Rick S.

  • Thank you for your help.  I'm down to 3 nodes that are still using my credentials.  Any suggestions on how to figure what they are and change them?

  • I can think of a few ways to find those last few devices that have your user name in them, depending on what tools you have.

    * If you use NCM for daily backups, select all the devices' config files and search for your user name in their configs.  The devices that still have it present should pop right up.  I use that method to find and remove default or obsolete user names.

    * Again for NCM, execute a command script against the actual devices to discover your user name if present.  In Cisco IOS format it would be:

    sho run | in (insert your username here)

    * If you use TACACS or RADIUS, search in the logs for your user name.  In Cisco ACS it's easy to see when your user name logs into the devices, and also easy to see which devices it's logging into.

  • See report templates referenced here

    Re: Trace a specific account & all devices using this account for polling

    The templates are using the Legacy Report Writer that is accessible from the SolarWinds server (not the web console)

  • This is the best way to update the nodes to use correct credentials.

  • Thanks! Saved my bacon today!