Configuration required for different sysadmin credentials

Edge for Private Cloud v. 4.16.09

When you first installed Apigee Edge, a special kind of user was created called a sysadmin user, and at the same time some additional config files were updated with this user’s details. If you configure your external LDAP to authenticate using a non-email address username and / or you have a different password in your external LDAP for this sysadmin user, then you will need to make the changes described in this section.

There are two locations that need to be updated:

  • Apigee management UI logs into the Apigee Management Server using credentials that are stored encrypted in a configuration file. This update is required when either/both username or password for your sysadmin user is different.
  • Apigee stores the sysadmin username in another file which is used when running various Apigee utility scripts. This update is only required when the username of your sysadmin user is different.

Editing the Edge management UI credential

  1. Edit the silent config file that you used to install the Edge UI to set the following properties:
    ADMIN_EMAIL=newUser
    APIGEE_ADMINPW=newPW

    SMTPHOST=smtp.gmail.com
    SMTPPORT=465
    SMTPUSER=foo@gmail.com
    SMTPPASSWORD=bar
    SMTPSSL=y


    Note that you have to include the SMTP properties when passing the new password because all properties on the UI are reset.
  2. Use the apigee-setup utility to reset the password on the Edge UI from the config file:
    > /opt/apigee/apigee-setup/bin/setup.sh -p ui -f configFile

Testing the configuration

  1. Open the management UI in a browser at:
    http://<management-server-IP>:9000/

    For example:
    http://192.168.52.100:9000/
  2. Log in using the new credentials. If the login succeeds, the configuration is correct.

Editing the Edge sysadmin username store for Apigee utility scripts

  1. Edit the silent config file that you used to install the Edge UI to set the following property to change the value of ADMIN_EMAIL to the username you will be using for your sysadmin user in your external LDAP:
    APIGEE_EMAIL=newUser
  2. Use the apigee-setup utility to reset the username on all Edge component from the config file:
    > /opt/apigee/apigee-setup/bin/setup.sh -p ui -f configFile

    You must run this command on all Edge component on all Edge nodes, including: Management Server, Router, Message Processor, Qpid, Postgres.

Testing the configuration

Verify that you can access the central POD. On the Management Server, run the following CURL command:

> curl -u sysAdminEmail:password http://localhost:8080/v1/servers?pod=central

You should see output in the form:

[ {
 "internalIP" : "192.168.1.11",
 "isUp" : true,
 "pod" : "central",
 "reachable" : true,
 "region" : "dc-1",
 "tags" : {
   "property" : [ ]
 },
 "type" : [ "application-datastore", "scheduler-datastore", "management-server", "auth-datastore", "apimodel-datastore", "user-settings-datastore", "audit-datastore" ],
 "uUID" : "d4bc87c6-2baf-4575-98aa-88c37b260469"
}, {
 "externalHostName" : "localhost",
 "externalIP" : "192.168.1.11",
 "internalHostName" : "localhost",
 "internalIP" : "192.168.1.11",
 "isUp" : true,
 "pod" : "central",
 "reachable" : true,
 "region" : "dc-1",
 "tags" : {
   "property" : [ {
     "name" : "started.at",
     "value" : "1454691312854"
   }, ... ]
 },
 "type" : [ "qpid-server" ],
 "uUID" : "9681202c-8c6e-4da1-b59b-23e3ef092f34"
} ]