Did you forget your WebLogic Admin User password?
Posted by Dirk Nachbar on Friday, June 04, 2010
Several month ago you install your Oracle Fusion Middleware Environment, you didn't connect to the WebLogic console and now you realize, that you forget the password of the WebLogic Server Admin User "weblogic".
Here is a small How To in order to reset the Admin User "weblogic" password.
1st Step: Stop your Weblogic Server, if it's running
2nd Step: Source the necessary environment variables for your WebLogic Server
3rd Step: Creation of a new WebLogic Server Admin User
5th Step: Startup the WebLogic Server
For the above mentioned two options see my Blog Post http://dirknachbar.blogspot.com/2009/08/security-hole-in-fusion-middleware-11g.html
6th Step: Login to your WebLogic Server Console with your newly created Admin User and change the password of the original WebLogic Server Admin User "weblogic"
# Navigate to "Security Realms"
# There you'll see two Admin Users: weblogic and your newly created Admin User
# Change the password of the user weblogic
7th Step (optionally): If you was using a boot.properties configuration file before, you must recreate it with the new values for the Admin User and the reseted password
Additional Note (26.01.2011): Please be aware that the above described procedure is NOT working with a database security store !!! (Thanks for the input from Nazir, see comments below)
Here is a small How To in order to reset the Admin User "weblogic" password.
1st Step: Stop your Weblogic Server, if it's running
oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/bin oracle@server>./stopWebLogic.sh <your_server>
2nd Step: Source the necessary environment variables for your WebLogic Server
oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/bin oracle@server>./setDomainEnv.sh
3rd Step: Creation of a new WebLogic Server Admin User
oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/security # the first value after the command "java weblogic.security.utils.AdminAccount" # is the new username # the second value is the password for the new Admin User # IMPORTANT !!! After the password value you must place a "." (dot) !!!! # This command will update the DefaultAuthenticatorInit.ldift # configuration file oracle@server>java weblogic.security.utils.AdminAccount myadmin oracle11g .4th Step: Delete the file DefaultAuthenticatormyrealmInit.initialized
oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/servers/AdminServer/data/ldap oracle@server>rm DefaultAuthenticatormyrealmInit.initialized
5th Step: Startup the WebLogic Server
# Depending if you are using a boot.properties file # you must choose between the two following options # a) Without boot.properties configuration file oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/bin oracle@server> ./startWebLogic.sh <your_domain> # Here you will be prompted for your WebLogic Server Admin User and his Password # Use now your newly created Admin User # b) With a configured boot.properties configuration file # Remove your boot.properties configuration file oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/servers/AdminServer/security oracle@server>rm boot.properties # Startup your WebLogic Server oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/bin oracle@server> ./startWebLogic.sh # Here you will be prompted for your WebLogic Server Admin User and his Password # Use now your newly created Admin User
For the above mentioned two options see my Blog Post http://dirknachbar.blogspot.com/2009/08/security-hole-in-fusion-middleware-11g.html
6th Step: Login to your WebLogic Server Console with your newly created Admin User and change the password of the original WebLogic Server Admin User "weblogic"
# Navigate to "Security Realms"
# There you'll see two Admin Users: weblogic and your newly created Admin User
# Change the password of the user weblogic
7th Step (optionally): If you was using a boot.properties configuration file before, you must recreate it with the new values for the Admin User and the reseted password
Additional Note (26.01.2011): Please be aware that the above described procedure is NOT working with a database security store !!! (Thanks for the input from Nazir, see comments below)
Categories: Oracle WebLogic Server
