Tuesday, June 28, 2011

Recover and Reset Weblogic Admin Password

In this post we will explain how to recover and reset the WLS Admin Password.


If you ever forget the Admin password, this is a safe and easy way to recover it without decrypting or hacking any WLS file.


For this, we'll just use WLS's own tools to log on to the Admin Console and reset the Admin Password.








For this example we will use a standard WLS 10.3.3 domain, located at: C:\bea\wls\user_projects\domains\base_domain.


This will be referred to as DOMAIN_HOME from now on.


1) First of all, make sure the Admin Server is stopped.


2) Open a command prompt and go to your DOMAIN_HOME/bin directory (C:\bea\wls\user_projects\domains\base_domain\bin)


3) Run setDomainEnv.sh(cmd)













4) Run the following command (without the quotes): "java weblogic.security.utils.AdminAccount NewAdminUser NewAdminPassword ."













Note 1: the dot (".") at the end of the command is required: it is the directory where the command writes its output file, in this case the current directory.


Note 2: NewAdminUser and NewAdminPassword are the user and password we are using to create a temporary AdminUser to log on to WLS.


In this example we used "TempAdmin" for username and "TempPass123" for password.


5) The command will create a file called "DefaultAuthenticatorInit.ldift" in the current directory.


6) Go to DOMAIN_HOME\security and rename the old "DefaultAuthenticatorInit.ldift", for precaution, to something like "DefaultAuthenticatorInit.ldift.bkp".


7) Copy the recently created "DefaultAuthenticatorInit.ldift" to DOMAIN_HOME\security


8) Edit the boot.properties file located at DOMAIN_HOME\servers\AdminServer\security and set the username and password to the values used in step 4.


The original values will be encrypted strings; just enter the new values as plain text.


For example:


username=TempAdmin
password=TempPass123


9) Delete the file named "DefaultAuthenticatormyrealmInit.initialized" located in DOMAIN_HOME\servers\AdminServer\data\ldap


10) Go back to your DOMAIN_HOME and start the server with the following command (without the quotes): "java weblogic.Server"






11) Once the server reaches RUNNING state, shut it down again and restart it with startWebLogic.sh(cmd)


12) After the server comes up again, log in to Admin Console with the user/pass created in step 4


13) Go to Security Realms > myrealm > Users and Groups


14) Here you can select your default WLS Admin user (in my case, weblogic) and change its password.






15) To change it, select the user and go to the "passwords" tab, provide the new password and save it.






16) After that you can restart your server and edit the boot.properties again to use your new admin user password and then delete the temporary user created for this purpose.


I tested this with WLS 10.3.3, but I have done it other times on different WLS versions. It should work with 10.x up to 10.3.5.
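
The file operations of steps 6 to 9 as a POSIX shell function, added here as an example (not the original author's code), together with a check for credentials still sitting in plain text in boot.properties. The function names are made up for this example, and the check assumes encrypted values start with {AES} or {3DES}, the prefixes WebLogic writes when it encrypts boot.properties at startup.

```sh
#!/bin/sh
# Added example. Assumes the Admin Server is stopped (step 1) and the new
# DefaultAuthenticatorInit.ldift has already been generated (steps 3 to 5).

# stage_recovery DOMAIN_HOME NEW_LDIFT USER PASSWORD  (hypothetical helper)
stage_recovery() {
    domain=$1 new_ldift=$2 user=$3 pass=$4
    sec="$domain/security"
    srv="$domain/servers/AdminServer"
    bp="$srv/security/boot.properties"
    if [ ! -d "$sec" ] || [ ! -d "$srv/security" ]; then
        echo "not a WLS domain: $domain" >&2; return 1
    fi
    [ -f "$new_ldift" ] || { echo "missing: $new_ldift" >&2; return 1; }
    # Refuse to clobber an earlier backup: it may be the only good copy.
    if [ -e "$sec/DefaultAuthenticatorInit.ldift.bkp" ]; then
        echo "backup already exists, aborting" >&2; return 1
    fi
    # Step 6: keep the old LDIFT under a .bkp name.
    if [ -f "$sec/DefaultAuthenticatorInit.ldift" ]; then
        mv "$sec/DefaultAuthenticatorInit.ldift" \
           "$sec/DefaultAuthenticatorInit.ldift.bkp"
    fi
    # Step 7: put the newly generated LDIFT in place.
    cp "$new_ldift" "$sec/DefaultAuthenticatorInit.ldift"
    # Step 8: plain-text credentials, readable by the owner only.
    if [ -f "$bp" ]; then cp -p "$bp" "$bp.bkp"; fi
    ( umask 077; printf 'username=%s\npassword=%s\n' "$user" "$pass" > "$bp" )
    chmod 600 "$bp"
    # Step 9: remove the marker so the LDIFT is loaded on the next start.
    rm -f "$srv/data/ldap/DefaultAuthenticatormyrealmInit.initialized"
}

# plaintext_keys FILE  (hypothetical helper)
# Prints each of username/password whose value is not encrypted.
# Exit status 0 if at least one plain-text value was found, 1 otherwise.
plaintext_keys() {
    awk -F= '/^(username|password)=/ && $2 !~ /^[{](AES|3DES)[}]/ {
                 print $1; n++
             }
             END { exit (n ? 0 : 1) }' "$1"
}

# Example call, using the values from step 4:
#   stage_recovery "$DOMAIN_HOME" ./DefaultAuthenticatorInit.ldift TempAdmin TempPass123
#   plaintext_keys "$DOMAIN_HOME/servers/AdminServer/security/boot.properties"
```

Run plaintext_keys again after the restarts in steps 11 and 16; any key it still prints means the server has not re-encrypted the file.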


Hope it helps, enjoy!
