Did you forget your WebLogic Admin User password?
Posted by Dirk Nachbar on Friday, June 04, 2010 with 13 comments
Several month ago you install your Oracle Fusion Middleware Environment, you didn't connect to the WebLogic console and now you realize, that you forget the password of the WebLogic Server Admin User "weblogic".
Here is a small How To in order to reset the Admin User "weblogic" password.
1st Step: Stop your Weblogic Server, if it's running
2nd Step: Source the necessary environment variables for your WebLogic Server
3rd Step: Creation of a new WebLogic Server Admin User
5th Step: Startup the WebLogic Server
For the above mentioned two options see my Blog Post http://dirknachbar.blogspot.com/2009/08/security-hole-in-fusion-middleware-11g.html
6th Step: Login to your WebLogic Server Console with your newly created Admin User and change the password of the original WebLogic Server Admin User "weblogic"
# Navigate to "Security Realms"
# There you'll see two Admin Users: weblogic and your newly created Admin User
# Change the password of the user weblogic
7th Step (optionally): If you was using a boot.properties configuration file before, you must recreate it with the new values for the Admin User and the reseted password
Additional Note (26.01.2011): Please be aware that the above described procedure is NOT working with a database security store !!! (Thanks for the input from Nazir, see comments below)
Here is a small How To in order to reset the Admin User "weblogic" password.
1st Step: Stop your Weblogic Server, if it's running
oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/bin oracle@server>./stopWebLogic.sh <your_server>
2nd Step: Source the necessary environment variables for your WebLogic Server
oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/bin oracle@server>./setDomainEnv.sh
3rd Step: Creation of a new WebLogic Server Admin User
oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/security # the first value after the command "java weblogic.security.utils.AdminAccount" # is the new username # the second value is the password for the new Admin User # IMPORTANT !!! After the password value you must place a "." (dot) !!!! # This command will update the DefaultAuthenticatorInit.ldift # configuration file oracle@server>java weblogic.security.utils.AdminAccount myadmin oracle11g .4th Step: Delete the file DefaultAuthenticatormyrealmInit.initialized
oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/servers/AdminServer/data/ldap oracle@server>rm DefaultAuthenticatormyrealmInit.initialized
5th Step: Startup the WebLogic Server
# Depending if you are using a boot.properties file # you must choose between the two following options # a) Without boot.properties configuration file oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/bin oracle@server> ./startWebLogic.sh <your_domain> # Here you will be prompted for your WebLogic Server Admin User and his Password # Use now your newly created Admin User # b) With a configured boot.properties configuration file # Remove your boot.properties configuration file oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/servers/AdminServer/security oracle@server>rm boot.properties # Startup your WebLogic Server oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/bin oracle@server> ./startWebLogic.sh # Here you will be prompted for your WebLogic Server Admin User and his Password # Use now your newly created Admin User
For the above mentioned two options see my Blog Post http://dirknachbar.blogspot.com/2009/08/security-hole-in-fusion-middleware-11g.html
6th Step: Login to your WebLogic Server Console with your newly created Admin User and change the password of the original WebLogic Server Admin User "weblogic"
# Navigate to "Security Realms"
# There you'll see two Admin Users: weblogic and your newly created Admin User
# Change the password of the user weblogic
7th Step (optionally): If you was using a boot.properties configuration file before, you must recreate it with the new values for the Admin User and the reseted password
Additional Note (26.01.2011): Please be aware that the above described procedure is NOT working with a database security store !!! (Thanks for the input from Nazir, see comments below)
Categories: Oracle WebLogic Server
Fantastic Post...
ReplyDeleteWorks Perfectly. You saved my day!
Thanks
Kartik
Hi Kartik,
ReplyDeleteyou are welcome. Hope you will find more usefull informations in my blog :-)
Cheers
Dirk
Thanks for share you knowleage!
ReplyDeleteHi Javier,
ReplyDeleteyou are welcome.
Cheers
Dirk
it doesn't work for me. I reset password to myadmin and oracle11g, all went well, but starting server I get errors,
ReplyDeleteCaused By: org.apache.openjpa.lib.jdbc.ReportingSQLException: ORA-00942: tabellen eller utsnittet finnes ikke
{prepstmnt 46924576 INSERT INTO BEAXACMLAP (DOMN, REALMN, TYPEN, CN, XVER, CTS, WCN, WCI, WXF, XD, XS, MTS) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
at org.apache.openjpa.lib.jdbc.LoggingConnectionDecorator.wrap(LoggingConnectionDecorator.java:192)
at org.apache.openjpa.lib.jdbc.LoggingConnectionDecorator.access$700(LoggingConnectionDecorator.java:57)
I also tried to skip boot.properties, but the directory and path are not there on my server. I am sing windows by the way.
ReplyDelete==============
Directory of C:\Oracle\Middleware\user_projects\domains\unit4base_domain\servers\AdminServer
cache
6.01.2011 07:58 data
6.01.2011 07:57 logs
6.01.2011 07:57 tmp
0 File(s) 0 bytes
6 Dir(s) 408 810 491 904 bytes free
==========================
Then I went to
C:\Oracle\Middleware\user_projects\domains\unit4base_domain\security>dir
Volume in drive C has no label.
Volume Serial Number is 6074-FDAD
Directory of C:\Oracle\Middleware\user_projects\domains\unit4base_domain\security
26.01.2011 07:55 .
26.01.2011 07:55 ..
26.01.2011 08:32 3 385 DefaultAuthenticatorInit.ldift
26.01.2011 07:55 2 398 DefaultRoleMapperInit.ldift
26.01.2011 07:55 64 SerializedSystemIni.dat
26.01.2011 07:55 22 666 XACMLRoleMapperInit.ldift
4 File(s) 28 513 bytes
2 Dir(s) 408 812 871 680 bytes free
Hi Bakorea,
ReplyDeleteseems that you dont have a "Standalone" WebLogic Server. It looks for me that you have a database related security store. My solution is only working for "Standalone" WebLogic Servers.
I was searching a little bit around and I found following OTN Forums Thread: http://forums.oracle.com/forums/thread.jspa?threadID=847826
I will have a closer look and come back to you.
Cheers
Dirk
Thnaks Dirk.
ReplyDeleteSurely this is due to database. I tried the solution in the tread you gave to run script. User didn't even exist on database, so I had to create one and ran script both as weblogi admin and sys. Still getting same error.
what do you mean by standalone? should I re-install weblogic as standalone? how?
Hi Dirk,
ReplyDeleteI managed to get it to work. I logged as the user I specified for database test connection, not weblogic nor myadmin, then later run the script
@c:\Oracle\Middleware\wlserver_10.3\server\lib\rdbms_security_store_oracle.sql
and now weblogic server is running. spread the word and thanks for your help.
regards,
nazir
Hi Nazir,
ReplyDeletehappy to hear that your problem is solved now :-)
I will update my blogpost and state clearly that this way is only working without database security store.
I will check also how to reset the password for the WebLogic administrative user in combination with a database security store.
Cheers
Dirk
Hi Dirk
ReplyDeleteThis has worked flawlessly, fantastic.
Thanks
3rd Step: Creation of a new WebLogic Server Admin User
ReplyDeleteI have Weblogic 10.3.2 and run the command: java oracle11g weblogic.security.utils.AdminAccount user.
the error message says:
Exception in thread "main" java.lang.NoClassDefFoundError: weblogic/security/utils/AdminAccount
Caused by: java.lang.ClassNotFoundException: weblogic.security.utils.AdminAccount
at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
at java.lang.ClassLoader.loadClass(ClassLoader.java:307)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
at java.lang.ClassLoader.loadClass(ClassLoader.java:248)
Could not find the main class: weblogic.security.utils.AdminAccount. Program will exit.
You can help me?
Absolutely Brilliant! Saved my headache, I was going to redo the domain!
ReplyDelete