B.14 Security Intelligence Database and Alert Dashboard Occasionally Do Not Work in Upgraded Custom Installations of FIPS 140-2 Enabled Sentinel

Issue: When you upgrade Sentinel from a custom installation of Sentinel that was installed by a non-root user and was configured in FIPS 140-2 mode, Security Intelligence database and Alert Dashboard occasionally do not start.

Workaround: Perform the following steps:

  1. Go to <custom installation directory>/opt/novell/sentinel/bin to know the Sentinel Indexing Service.

  2. Run the following command:

    ./si_db.sh status

    Verify whether the following output displayed:

    Connection between alert store and indexing service is running.
Security Intelligence database is running.
Indexing service is running.

    If any of the above mentioned three services are not running, perform the following steps.

  3. Run the following command to stop Sentinel:

    rcsentinel stop

  4. Log in to the Sentinel server as the novell user.

  5. Run the following command:

    <custom installation directory>/opt/novell/sentinel/bin/si_db.sh startnoauth

  6. Run the following commands to add dbauser and appuser users:

    cd <custom installation directory>/opt/novell/sentinel/3rdparty/mongodb/bin

    ./mongo

    use admin

    db.addUser ("dbauser", "novell")

    use analytics

    db.addUser ("appuser", "novell")

    exit

  7. Stop the MongoDB database:

    <custom installation directory>/opt/novell/sentinel/bin/si_db.sh stop

  8. Perform the following steps to add encrypted password fields:

    1. Run the following command to get the encrypted password for the novell user:

      <custom installation directory>/opt/novell/sentinel/bin/encryptpwd -e novell

      Encrypted password is displayed. For example:

      bVWOzu6okMmMCkgM0aHeQ==

    2. In the configuration.properties file, update the baselining.sidb.password and baselining.sidb.dbpassword properties with the encryptedpassword. for example:

      baselining.sidb.password=9bVWOzu6okMmMCkgM0aHeQ==

      baselining.sidb.dbpassword=9bVWOzu6okMmMCkgM0aHeQ==

  9. Exit from the novell user account and start Sentinel as the root user using the following command:

    rcsentinel start

NOTE:Run the configure.sh script to reset the password whenever needed. For more information about running the configure.sh script, see Modifying the Configuration after Installation in the Sentinel Installation and Configuration Guide.