Hi,

Jay SenSharma

To know how to decrypt a WebLogic password: (click here)

Many times we want to alter the WebLogic admin username and password on a routine basis.

If you want to reset the WebLogic username and password, please follow the steps below exactly:

Step 1). Open a command prompt and run “setDomainEnv.sh” or “setDomainEnv.cmd”.

Step 2). For safety, take a backup of the (C:\bea103\user_projects\domains\7001_Domain\security\DefaultAuthenticatorInit.ldift) file, because the next command we are going to run creates a new “DefaultAuthenticatorInit.ldift” file.

Step 3). In the command window, move into your domain’s security directory and run the following command:

Example: C:\bea103\user_projects\domains\7001_Domain\security>java weblogic.security.utils.AdminAccount newAdmin newPassword .

Syntax: java weblogic.security.utils.AdminAccount <NewAdminUserName> <NewAdminPassword>

NOTE: There is a . (dot) at the end of the above command, which represents the current directory. After this command executes, a new “DefaultAuthenticatorInit.ldift” file will be created in the current directory.

IMPORTANT STEP [You need not follow this Step 3-A) if you have already forgotten your admin credentials]

Step 3-A). Log in to the Admin Console

Security Realms —> myrealm (your realm name) —> Migration (tab) —> Export (tab)

Here, provide a directory location in the “Export Directory on Server:” text box (Example: C:\UserData)

Click on the “Save” button. In the directory you specified you will find:

DefaultAuthenticator.dat
DefaultCredentialMapper.dat
exportIndex.dat
XACMLAuthorizer.dat
XACMLRoleMapper.dat

Step 4). In the same command prompt, move into the admin server folder inside your domain. Then rename the “data” folder to something else, like “data_OLD”; this is a way of taking a safe backup.

Example: C:\bea103\user_projects\domains\7001_Domain\servers\AdminServer> rename data data_OLD

Step 5). Now similarly rename boot.properties to another file name.

Example: C:\bea103\user_projects\domains\7001_Domain\servers\AdminServer\security> rename boot.properties boot.properties_OLD

Step 6). Make sure that the “boot.properties” file exists. If yes, then start the Admin Server.

While starting, it will ask for the username and password to be entered, as we have not created any “boot.properties” file at present. But it is always recommended that you create the “boot.properties” file on your own, to prevent WebLogic from prompting you for the admin username and password while starting the server.

At the end, log in to the Admin Console with the new username and password, then check the users in Security Realms: you will not find any user named “weblogic” there.

This is the most important step, because we sometimes face this kind of issue when the “boot.properties” file is in the wrong format: there should be no special characters (UTF or invisible characters) and no spaces in your “boot.properties” file, only the two lines below:

username=MyAdminUserName
password=MyAdminPassword

Please edit this file very carefully; it is better to use a simple editor of the Notepad kind.
Use “ls” (Unix command) or “dir” (Windows command) to make sure that the file name is “boot.properties” only, and not “boot.properties.txt” or something else.

Note: There should be no leading or trailing SPACE character in these two lines.
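The format rules above can be checked mechanically before starting the server. The following is an added example, not part of the original post: the function name check_boot_properties and the sample inputs are constructed for illustration, and it works on raw bytes so that a BOM or an invisible character cannot hide.

```python
BOM = b"\xef\xbb\xbf"  # UTF-8 byte order mark some editors prepend

def check_boot_properties(name, data):
    """Return a list of problems; name is the file name, data its raw bytes.

    The rules are the ones stated in the post: correct file name, only the
    username= and password= lines, no spaces, no special/invisible characters.
    """
    problems = []
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    if base != "boot.properties":
        problems.append("file name is %r, not 'boot.properties'" % base)
    if data.startswith(BOM):
        problems.append("file starts with a UTF-8 byte order mark")
        data = data[len(BOM):]
    # Accept LF or CRLF line endings and ignore one final newline.
    lines = data.replace(b"\r\n", b"\n").split(b"\n")
    if lines and lines[-1] == b"":
        lines.pop()
    keys = []
    for n, raw in enumerate(lines, 1):
        if any(b < 0x20 or b > 0x7E for b in raw):
            problems.append("line %d: control or non-ASCII byte" % n)
        if b" " in raw:
            problems.append("line %d: contains a space character" % n)
        key, sep, value = raw.partition(b"=")
        if not sep or not value.strip():
            problems.append("line %d: not in key=value form" % n)
            continue
        keys.append(key.strip().decode("ascii", "replace"))
    if sorted(keys) != ["password", "username"]:
        problems.append("expected only username= and password= lines, found %s" % keys)
    return problems

if __name__ == "__main__":
    # Constructed samples: a clean file, then one saved by an editor that
    # added a BOM and left a trailing space after the user name.
    good = b"username=MyAdminUserName\r\npassword=MyAdminPassword\r\n"
    bad = BOM + b"username=MyAdminUserName \npassword=MyAdminPassword\n"
    print(check_boot_properties("boot.properties", good))
    for problem in check_boot_properties("boot.properties.txt", bad):
        print(problem)
```

Run it against the file's bytes (opened in binary mode) before the first start with the new credentials; an empty list means the file matches the two-line format.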

Step 7). To import the other user data back, please do the following:

Log in to the Admin Console
Security Realms —> myrealm (your realm name) —> Migration (tab) —> Import (tab)

Now provide the name of the folder where you have all the above files:
DefaultAuthenticator.dat
DefaultCredentialMapper.dat
exportIndex.dat
XACMLAuthorizer.dat
XACMLRoleMapper.dat

Enjoy….

Instructions for WebLogic 10.3.1 and above

For WLS 10.3.x and above, first reset the admin password by following the instructions that use the command line utility: http://middlewaremagic.com/weblogic/?p=323
Then, using the new password, log in to the Admin Console first, and under Security Realm —> myrealm —> Users & Group (tab) reset the password of the weblogic admin user again. This time give the same credentials which you reset just now (that is, the password which you created just now, or give a new password). Only then will the changes to the encrypted passwords be reflected in the “config.xml” file.
Once the above is done, you should be able to decrypt the password in the <node-manager-password-encrypted> tag of the “config.xml” file, using http://middlewaremagic.com/weblogic/?p=5806

=============================

Also, you may be facing the following kind of error in your server log, with the server not coming up:

<Critical> <Security> <BEA-090402> <Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.>

A few things to check in case of the above error:
1). Make sure that your “<DOMAIN_HOME>/servers/<SERVER_NAME>/security/boot.properties” file has the correct clear-text username and password.
2). You can also refer to Step 6) in the above post to see how to write and override this file.
3). Also, in the Admin Server and Managed Server, try renaming the “<DOMAIN_HOME>/servers/<SERVER_NAME>/data” directory, so that as soon as you start the Admin Server a new “data” directory is created with the new security-related files.


Thanks
Jay SenSharma
