Changing the Startup Mode

Prerequisites:  
  • ActivID CMS is installed and configured to start in attended or unattended startup mode.

  • IIS and Apache Tomcat servers are stopped.

For information about the difference between the two startup modes, see Attended Startup Mode vs. Unattended Startup Mode.

Warning! When you change the ActivID CMS startup mode from attended to unattended, we strongly recommend you obfuscate the Security Key Password, Database Owner Passwords, and the HSM PIN for the ActivID CMS system components. (Obfuscating the passwords replaces the passwords stored in clear text files with an encrypted version of the passwords.)

Change the Startup Mode to Unattended

  1. Using a text editor, edit the securedata.properties file in the %PROGRAMDATA%\HID Global\Credential Management System\Local Files\services\repositories directory.

  2. Comment out the following line, if it exists, by adding a # at the beginning of the line as shown below:

    # SecureData.mode = securesite
  3. Make sure that the following lines are present in the file:

    SecureData.mode = insecure
    SecureData.SecurityPwd.insecureValue = <value>
  4. If you are deploying ActivID CMS with an HSM (a Hardware Security Module, which securely stores secret key material; HSMs are similar to large-storage, multisession smart cards but, unlike smart cards, are used mainly on the server side of a system), uncomment the following line by removing the #:

    SecureData.HSMPin.insecureValue = <value> 
  5. If you are using Oracle or SQL Server configured in SQL Server authentication mode, remove the # at the beginning of this line:

    SecureData.DatabasePwd.insecureValue = <value>
  6. Restart the IIS and CMS Server services.

  7. On the Windows Start menu, point to Programs > HID Global > Credential Management System, and then click Password obfuscation.

    The CMS - Secure Data dialog appears.

  8. Enter the appropriate passwords, and then click OK.

  9. Open the securedata.properties file and verify that the passwords you entered have been obfuscated.

    For example:

    Before password obfuscation, the following line appears as:

    SecureData.DatabasesPwd.insecureValue = hidglobal

    After password obfuscation, the following line appears as:

    SecureData.DatabasesPwd.value = 214245292631403e56

    Rules:

    If

    *.insecureValue = value 

    is found, it is replaced by:

    *.value = obfuscated value

    -or-

    If

    *.value = obfuscatedValue 

    is found, it is replaced by:

    *.value = newObfuscatedValue

    For example:

    HSM PIN

    Before obfuscation

    SecureData.HSMPin.insecureValue = value

    After obfuscation

    SecureData.HSMPin.value = 711302746564

    Database Password

    Before obfuscation

    SecureData.DatabasesPwd.insecureValue = value

    After obfuscation

    SecureData.DatabasesPwd.value = 214245292631403e56

    Security Key Password

    Before obfuscation

    SecureData.SecurityPwd.insecureValue = value

    After obfuscation

    SecureData.SecurityPwd.value = 214245292631403e56

  10. To remove the password obfuscation:

    • Make sure that the IIS and Apache Tomcat servers are stopped.

    • Using a text editor, edit the securedata.properties file in the %PROGRAMDATA%\HID Global\Credential Management System\Local Files\services\repositories directory.

    • Edit as follows:

    HSM PIN

    Remove

    SecureData.HSMPin.value = 711302746564

    Add

    SecureData.HSMPin.insecureValue = <value>*

    Database Password

    Remove

    SecureData.DatabasesPwd.value = 214245292631403e56

    Add

    SecureData.DatabasesPwd.insecureValue = <value>*

    Security Key Password

    Remove

    SecureData.SecurityPwd.value = 214245292631403e56

    Add

    SecureData.SecurityPwd.insecureValue = <value>*

    * <value> should be replaced by the real value of the HSM PIN/Database password/Security Key password.
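
A check for step 9 of the unattended procedure, as an added example that is not part of the HID Global documentation: it parses securedata.properties and reports the active startup mode and any *.insecureValue entry that still holds clear text, naming the key but never printing the secret. The sample file content, the function names, and the simplified key = value parsing are assumptions made for illustration.

```python
import re

# Constructed sample: securedata.properties after a partial obfuscation run.
# Key names come from the page; the values are placeholders, not real secrets.
SAMPLE = """\
# SecureData.mode = securesite
SecureData.mode = insecure
SecureData.SecurityPwd.value = 214245292631403e56
SecureData.HSMPin.insecureValue = placeholder-pin
# SecureData.DatabasePwd.insecureValue = <value>
"""

# Simplified "key = value" matcher; lines starting with # or ! are comments.
LINE = re.compile(r"^\s*([^#!\s=:][^=:\s]*)\s*[=:]\s*(.*?)\s*$")

def parse_properties(text):
    """Return {key: value} for active (uncommented) lines; last assignment wins."""
    props = {}
    for raw in text.splitlines():
        m = LINE.match(raw)
        if m:
            props[m.group(1)] = m.group(2)
    return props

def audit(text):
    """Report mode and secret entries by key name only, never by value."""
    props = parse_properties(text)
    mode = props.get("SecureData.mode")
    insecure = {k: v for k, v in props.items() if k.endswith(".insecureValue")}
    unfilled = sorted(k for k, v in insecure.items() if v in ("", "<value>"))
    cleartext = sorted(k for k in insecure if k not in unfilled)
    obfuscated = sorted(k for k in props if k.endswith(".value"))
    findings = []
    if mode not in ("insecure", "securesite"):
        findings.append(f"unexpected or missing SecureData.mode: {mode!r}")
    findings += [f"cleartext secret still present: {k}" for k in cleartext]
    findings += [f"placeholder not replaced: {k}" for k in unfilled]
    return {"mode": mode, "cleartext": cleartext,
            "obfuscated": obfuscated, "findings": findings}

if __name__ == "__main__":
    report = audit(SAMPLE)
    print("mode:", report["mode"])
    for finding in report["findings"]:
        print("FINDING:", finding)
```

To check a real installation, pass the text of the securedata.properties file to audit() in place of SAMPLE.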

Change the Startup Mode to Attended

  1. Using a text editor, edit the securedata.properties file in the %PROGRAMDATA%\HID Global\Credential Management System\Local Files\services\repositories directory.

  2. Comment out the following line, if it exists, by adding a # at the beginning of the line as shown below:

    # SecureData.mode = insecure
  3. Make sure that the following line is present in the securedata.properties file:

    SecureData.mode = securesite