Resetting/Updating AAIR inbox password
- Noreen Dertinger
To fix the AAIR Password issue
1. Log an Orion ticket using the Orion “Report an issue” category:
In the description:
Request SSC to fix the SSC password issue.
Indicate that the AAIR inbox, which uses CAWIS MDM, is a mission critical aviation safety application.
Include the error message from the relevant AAIR inbox email
Include the error information from the log (see step 1 in “General troubleshooting”.)
Notes:
1) as non SSC staff we will not be able to log a ticket for SSC directly.2) per an email discussion with service desk, only BMC Administrators are able to open tickets that are prefixed with INC. We don’t have access to those tickets that begin with “INC”
Reset of the password
Resetting the AAIR inbox is an interactive process.
An agent/LAN Admin will initiate process. In January 2023, this was completed via a Teams screen sharing session in which the agent initiated the process but provided control of the screen to the maintenance team member who performed the password change.
Once the password changes need to be done in the CAWIS database. They should be done immediately after the database change. The steps are provide in the next section, “Updating TOAD”.
After the database change is complete check the CAWIS-MDM log (step 1).
Check that the email account is not locked: Open a command prompt and type “net user DNRENAC /domain“. In the response, you should get something like below:
If the line “Account active” says “Locked” or “No”, contact the Service Desk for them to reactivate the account.
Updating the database
immediately following the successful reset of the AAIR inbox password, the CIVAV developer should make the following updates in TOAD). This is time sensitive.
Here’s the steps to fix the issue:
In the table TR47_CAWIS_GENERAL_PROPS:
First, backup the existing password/encryption info
UPDATE TR47_CAWIS_GENERAL_PROPS A SET A.PROPERTY_VALUE =
(SELECT PROPERTY_VALUE FROM TR47_CAWIS_GENERAL_PROPS B
WHERE B.PROPERTY_NAME = 'MDM - MAILBOX PASSWORD' )
WHERE PROPERTY_NAME = 'MDM BACKUP - LAST KNOWN PASSWORD';UPDATE TR47_CAWIS_GENERAL_PROPS SET PROPERTY_VALUE =
(SELECT PROPERTY_VALUE FROM TR47_CAWIS_GENERAL_PROPS B
WHERE B.PROPERTY_NAME = 'MDM - MAILBOX PASSWORD SECRET' )
WHERE PROPERTY_NAME = 'MDM BACKUP - LAST SECRET ENCRYPTION';then, null out the encryption key
UPDATE TR47_CAWIS_GENERAL_PROPS SET PROPERTY_NAME = NULL
WHERE PROPERTY_NAME = 'MDM - MAILBOX PASSWORD SECRET';Note : most fields (with the exception of “password” ) will be UPPERCASED when saved on the TR47 interface page in CAWIS. This would nullify any benefits of backing up up the old encrypted password at this point.
Clearing the value of “MDM - MAILBOX PASSWORD SECRET” is to tell MDM that the password is unencrypted. (Do not remove the row).
a. Set the value of “MDM - MAILBOX PASSWORD” to the new, unencrypted password.
b. Set the value of “MDM - MAILBOX PASSWORD LAST CHECK DATE to SYSDATE + 2”. This will ensure that MDM does the password change two days after the reset (you have to wait a day to do another password change)
Any backlog of distribution jobs may take 15-20 minutes to begin executing afterward
The MDM inbox password will auto-update normally by way of the MDM process a day or so afterward. A new encrypted password and encryption key will then appear on the General properties table.
TC IM/IT can also allocate a new mailbox password if its believed that the password has been altered outside the MDM process,General Troubleshooting
See also the discussion in CAWIS DevOps task: 235611 CAWIS Airworthiness Directive (AD) Distribution
Bug 235611: CAWIS Airworthiness Directive (AD) Distribution - Boards (azure.com) on Jan 26 and 27, 2023.