KB484078: Migration from MicroStrategy on AWS Trial Environment to a MicroStrategy on AWS Production Environment

After configuring and testing a Strategy on AWS Trial environment, there are four main steps to further configure the environment to a full production environment.
 

1. Change the default passwords
2. Configure the SMTP Server
3. Reconfigure MicroStrategy Identity for DNS change
4. Update SSL Certificates

Change the default passwords

Change the default passwords for:
 

MSTR User from a Windows Developer Instance

• Log in to the Windows machine as the MSTR user.
• Open Computer Management.
• Navigate to Local User and Groups>Users.
• Right-click the mstr user > Set Password.
• Enter the new password.
• Retype the new password.
  

• Click OK.

Remote Access for Guacamole

• Log in to your Linux machine.
• In the console, navigate to the guacamole folder using the following command:
  

• Open the user-mapping.xml file using the following command:
  

• Locate <param name="password"> and enter your new password. 
• Make sure to update all "password" fields with the new password in the file:
  

VNC

1. Log in to your Linux machine.
2. In the console, enter vncpasswd.
3. Next to Password, enter your new password.
4. Next to Verify, retype the new password.

MSTR User on a Linux Server 

• Log in to your Linux machine as the MSTR user.
• In the console, enter passwd.
• Enter the current password for the MSTR user.
• Enter the new password and press Enter.
• Retype the new password and press Enter. A message appears indicating the password is successfully changed.
  

• Restart tomcat by running:

  service mstr tomcatrestart.

MSTR User in MySQL via Command Line (Strategy 2019 and earlier)

• Log in to the MySQL database using command line.
  

• Enter the following command to change your password:
  

• Press Enter.
  

PostgreSQL User in PostgreSQL via Command Line (Strategy 2020 and later)

• Log in to the Postgres database using command line.
  

  
  opt/mstr/MicroStrategy/install/Repository/bin/mstr_psql -d poc_metadata -h HOSTNAME -U mstr
  

  
  
• Run the following command to change the password in Postgres:
  

• Enter the new password twice and quit Postgres using \q.

Strategy Web

1. Open Strategy Web.
2. From the drop-down, select Preferences.
3. In User Preferences, select Change Password.
4. In Old password, enter your existing password.
5. In New password, enter your new password.
6. In New password verification, retype the new password.
7. Click Change Password.

For steps to change another user's password, see How to Change a User's Password .

Strategy Web Admin

• Log in to your Linux machine.
• In the console, navigate to the Tomcat directory using the following command:
  

• Open the tomcat-users.xml file using the following command:
  

• Locate <user password=""> and enter your new password.
  

• Restart Tomcat using the following command:
  

Configure the SMTP Server

• Create an SES SMTP username and password via Amazon SES console.
• Log into the machine for which you want to change the Postfix configuration.
• Upload new certificates which verify the Amazon SES server (/xxx.ct).
• Modify /etc/postfix/sasl_passwd with the new endpoint name, username, and password.
• Generate a hashmap database file:
  

• Tell Postfix where to find the proper certificates:
  

• Restart Postfix:
  

Reconfigure Strategy Identity for DNS Change

• Change the DNS host file.
  Location: /etc/hosts – the last line
  [IP address] [old_DNS] [hostname] -> [IP address] [new_DNS] [hostname]
  For example:
  

• changes to
  

• Change the IDM and Gateway properties.
  Location: /opt/usher/usherserver/usherApps/shardGateway/conf/gateway.properties
  
• Update the IDM URL in the following properties:
  idm.url=<IDM_URL>
  idm.2tls.url=<IDM2way_URL>
  
• Update the Gateway URL and port in the following properties:
  gateway.url=<gateway_URL>
  gateway.port=<gateway_port>
  
• Restart Tomcat to activate new Strategy Badge URLs.
  

• Reconfigure Identity Manager.
  Location: <New Identity Manager URL>/networkmanager/manageSystem
  
• Restart Strategy Badge Tomcat for Identity Manager reconfiguration to take effect.
  

• Change Strategy Badge configuration on the Strategy Web Server.
  Location: <New Web DSN>/MicroStrategy/servlet/mstrWebAdmin
  
• Click Modify.
• Click Setup.
  

• Enter the new IDM URL in the Strategy Identity Server URL field.
  

• To get the latest Strategy Badge, resend the Welcome to MicroStratgey AWS email.
• Log in to the new DNS with new Strategy Badge.

Update SSL Certificates

Add certificates to the AWS Account:

• Open the Amazon EC2 console here.
• On the navigation pane, go to LOAD BALANCING > Load Balancers.
• Select your load balancer. For the environments deployed via the MCP console, you can type env- and search for loadbalancer.
  

• On the Listeners tab, under SSL Certificate, click View/edit certificates.
• Click on the + sign at the top of the screen and click Import Certificate.
• Select IAM. Do not use ACM.
• Name the certificate: wildcardTrialCloud2022.
• In Certificate Private Key, add contents from server.key.
• In Certificate body, add contents from server.crt.
• In Certificate chain, add contents from intermediate.crt.
• Click Import.

Edit the Listener to use the New Certificates

• Open the Amazon EC2 console here.
• On the navigation pane, go to LOAD BALANCING > Load Balancers.
• Select your load balancer. For the environments deployed via the MCP console, you can type env- and search for loadbalancer.
• Select the checkbox next to the Listener ID for your certificate and click Edit.
  

• Choose the newly added certificates.
  

• Once the certificates are updated, you can see it on the console.