Skip to main content
Question

Changing password of Active Directory service account of IFS Middleware/Database server

  • November 13, 2025
  • 4 replies
  • 27 views
V
Sidekick (Customer)
Forum|alt.badge.img+7

Hi,
Please see the details given below.

Current Situation:

Application Version: IFS 10 UPD 22
The Active Directory (AD) service account used for IFS Middleware and Database servers is currently configured with the “Password Never Expires” policy.

Proposed Change:
The IT team plans to convert this dedicated service account for IFS servers into a Managed Service Account and enforce the company’s password policy (e.g., complex password requirements and expiration every 12 months). This may also involve changing the current password.

Questions:

Will changing the password of this service account impact the availability or functionality of the IFS Application?
If there is no immediate impact, what happens if the password expires before it is reset—will this affect IFS Application availability?

We would greatly appreciate expert feedback on these concerns.

Thank you!

 

Kind Regards

Thilochana
 

Thilochana Ekanayake

4 replies

V
Sidekick (Customer)
Forum|alt.badge.img+7
  • VPPEKANATHI
  • Author
  • Sidekick (Customer)
  • 55 replies
  • November 13, 2025

@Soumya Dasgupta Kindly get someone to reply to this Post!

Thilochana Ekanayake
NickPorter
Superhero (Customer)
Forum|alt.badge.img+18
  • NickPorter
  • Superhero (Customer)
  • 376 replies
  • November 13, 2025

Changing the password itself should not impact anything.  Even if it is set to never expire, you can still change it as you wish and it would have no impact (just stop the service, change the pwd in AD and in the service settings, then restart everything again to make sure it is clean)

If the password did expire then the service would not function properly and IFS MWS would be unavailable.  That said, I’m not sure 100% sure if it would impact the service immediately if it was already actively running, or if it would only have an impact when the service was restarted… my guess is that it would cause a problem when it expired and it isn’t something I would want to have happen.

HTH,

Nick

(As a side note, demanding someone responds to a post after ~4hours is not very helpful in general in a global user community forum where people who might help could be elsewhere in the world...)

V
Sidekick (Customer)
Forum|alt.badge.img+7
  • VPPEKANATHI
  • Author
  • Sidekick (Customer)
  • 55 replies
  • November 13, 2025

@NickPorter 

 

Thanks for the reply.

I assumed that the application would not require a restart since the IFS MWS Node Manager service’s ‘Log on as’ property is set to ‘Local System account’.


If the MWS does need to be restarted, we will have to schedule a planned downtime. Therefore, I would like to confirm exactly what actions are required after changing the password of the AD Service Account for the MW/DB servers.

 

Side Note:

True. I agree. 

I raised a support case for this requirement because I wanted a definitive answer before proceeding. I was advised to post the same query in the Community, which is why I mentioned the case owner’s name—to indicate that it has been shared there.

Thilochana Ekanayake
V
Sidekick (Customer)
Forum|alt.badge.img+7
  • VPPEKANATHI
  • Author
  • Sidekick (Customer)
  • 55 replies
  • November 13, 2025

@NickPorter 

Additional Info:

Unfortunately, there is no way to test this change as the same AD Service account is used across all three environments. Any modification will directly impact the Production environment.

I am considering the following approach to test before applying changes to the Production service account:

  1. Create a new Service Account similar to the existing one, with access to the Test Middleware Server and Database Server.
  2. Log in to the Test Middleware server using the new Service Account and reconfigure the IFS MWS. No changes will be made to the Database Server.
  3. Once the Test environment is up and running, change the password and verify the application behavior.

Any feedback on this proposed process would be greatly appreciated.

 

 

Thilochana Ekanayake


Terms & ConditionsCookie settingsAccessibility statement