How to change the BigFix WebUI database userid and password

I recently installed the BigFix WebUI with the wrong password and needed to fix it. I found the encrypted information in the db_config.json file in the folder:

C:\Program Files (x86)\BigFix Enterprise\BES WebUI\WebUI

However, this is what the contents of that file are:

{"user":"96\u002fzY1rPfE40v69uFttQAg==","password":"MwKBDmT00BEwEZm1ctZahg==","hostname":"WIN-5M6866TPST1.mynet.foo","port":1433}

And while those look like Base64 encoded values, there's also some encryption going on (try putting either of those strings through an online Base64 encoder/decoder and you'll see).

So the first thing I tried was to just put the information in the file in cleartext and restart the WebUI service, so the file looked like:

{"user":"sa","password":"passw0rd","hostname":"WIN-5M6866TPST1.mynet.foo","port":1433}

Amazingly, that worked, and here's the logfile entry that shows it:

Wed, 04 Jul 2018 13:14:24 GMT bf:dbcredentials-error Failed to decrypt database credentials, attempting to use inputted credentials as plaintext

However, the file kept the cleartext data (I had hoped that it would re-encrypt the values on startup, but it did not).

Then I found the solution in the place I should have looked to begin with - in the BigFix console! There's a task defined in the BES Support site specifically for this purpose. The task is named "Deploy/Update WebUI Database Configuration". Run the action associated with that task and it will create a new db_config.json file with the properly encrypted data and you're good to go.