Encryption of operator passwords

The HPE Service Manager server encrypts all operator passwords stored in the database using a SHA512 one-way encryption process that cannot be decrypted. The server automatically encrypts an existing password the first time it is accessed. You can also do a mass update of the operator table to convert all passwords at once.

Because the encrypted value is longer than a plaintext password, you need to update the SQL mapping for the password field to accept a larger character limit. The data policy settings are as follows.

Database object   Requirement
Table             operator
Field             password
Data type         VARCHAR
Size              136 characters

Automatic operator password encryption replaces the legacy data policy encryption option that was controlled by the encryptionkey parameter. To convert to the automatic operator password encryption scheme in legacy systems, you must first turn off the existing data policy encryption. The server updates the password encryption the next time it reads the operator record.

Service Manager clients use a two-way encryption process (PBE with MD5, DES in non-FIPS mode, and AES in FIPS mode) to secure operator passwords when communicating with the server. The server decrypts the password sent from the client and then one-way encrypts it to compare the results to the encrypted value stored in the database. The server never stores the operator password in an unencrypted form.
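As an added example (not HPE's code), the server-side flow described above can be modelled in Python: a legacy value is replaced by its SHA512 hash on first access or by a mass update, the result is checked against the 136-character column size, and a login compares the hash of the decrypted client password with the stored value. The `sha512:` prefix, the hex encoding and the sample operator rows are assumptions; the real on-disk format is not described on this page.

```python
import hashlib
import hmac

PASSWORD_COLUMN_SIZE = 136   # VARCHAR size required by the data policy
HASH_PREFIX = "sha512:"      # hypothetical marker for an already converted row


def sample_table():
    """Constructed slice of an operator table before conversion (plaintext for illustration)."""
    return {"falcon": "Sunshine1", "sysadmin": "P@ssw0rd!"}


def one_way_hash(password):
    """SHA512 of the password, hex encoded: 7 + 128 = 135 characters, within the 136 limit."""
    value = HASH_PREFIX + hashlib.sha512(password.encode("utf-8")).hexdigest()
    if len(value) > PASSWORD_COLUMN_SIZE:
        raise ValueError("encrypted value does not fit the password column")
    return value


def is_hashed(stored):
    return stored.startswith(HASH_PREFIX) and len(stored) == len(HASH_PREFIX) + 128


def convert_on_access(table, login):
    """Mimic the server: a legacy value is hashed the first time the record is read."""
    if not is_hashed(table[login]):
        table[login] = one_way_hash(table[login])
    return table[login]


def mass_update(table):
    """Convert every remaining legacy row at once; returns the number of rows changed."""
    converted = 0
    for login in list(table):
        if not is_hashed(table[login]):
            convert_on_access(table, login)
            converted += 1
    return converted


def verify_password(table, login, candidate):
    """Server-side check: hash the decrypted client password, compare in constant time."""
    stored = convert_on_access(table, login)
    return hmac.compare_digest(stored, one_way_hash(candidate))
```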

If your Service Manager implementation uses LDAP authentication, the server must still send an unencrypted operator password to the directory service because LDAP servers are unaware of Service Manager's encryption scheme. If you require encryption between Service Manager and the LDAP server, you can configure OpenSSL or another standard encryption scheme between the two servers.