There is another smart way to get past this problem of "lost weblogic admin password" , what it does is
"INSTEAD OF TRYING TO RECOVER THE ORIGINAL PASSWORD,
https://recover-weblogic-password.appspot.com/
1) ADD ANOTHER ADMIN USER
2) LOGIN TO CONSOLE
3) CHANGE THE PASSWORD OF ORIGINAL USER
These three steps are much faster to execute and a smarter approach i would say. Also it involves less user mistakes.
Here is the step by step guide
Note : replace the $DOMAIN_HOME with the actual path in your environment,.
1) shutdown the domain ( All managed servers & then admin)
2) backup your $DOMAIN_HOME/security folder in case u need it
cd $DOMAIN_HOME
tar cvf security.tar security
3) set the environment
$cd $DOMAIN_HOME/bin
$ . ./setDomainEnv.sh
Note : dont forget the first dot(.)
4) change to security folder & Add the new admin user using the below command after setting the environment
$ cd ../security ( important step, otherwise you will get IO exception)
$java weblogic.security.utils.AdminAccount adminuser1 welcome1 .
Note : there is a dot (.) at the end of the command
this will add the user adminuser1 as the administrator.
5) remove the below file from ldap directory
rm $DOMAIN_HOME/servers//data/ldap/DefaultAuthenticatormyrealmInit.initialized
6) start the server using startWebLogic.sh Note : do not use the boot.properties file .. or a wrapper script at the first time
7) login to the console and change the password of the original admin user
******************************************************************
How to decrypt WebLogic passwords with WLST
Some examples are:
a) The WebLogic Server administrator credentials (username and password) stored in the files config.xml and boot.properties
b) Node Manager password, stored also in the config.xml file (if you still have the default password, don’t wait and change it know!!)
c) Database password used by the JDBC Data Sources and stored in the file [DOMAIN_HOME]/config/jdbc/[datasource_name].xml
So, how to decrypt this data in 3 easy steps. Just follow this techtapa recipe:
Ingredients:
- 1 WLST script
- The path of the WebLogic Server domain
- The encrypted field, for example, username and password from boot.properties
Preparation:
1. Copy this WLST script (you can also download it here).
import os import weblogic.security.internal.SerializedSystemIni import weblogic.security.internal.encryption.ClearOrEncryptedService def decrypt(domainHomeName, encryptedPwd): domainHomeAbsolutePath = os.path.abspath(domainHomeName) encryptionService = weblogic.security.internal.SerializedSystemIni.getEncryptionService(domainHomeAbsolutePath) ces = weblogic.security.internal.encryption.ClearOrEncryptedService(encryptionService) clear = ces.decrypt(encryptedPwd) print "RESULT:" + clear try: if len(sys.argv) == 3: decrypt(sys.argv[1], sys.argv[2]) else: print "INVALID ARGUMENTS" print " Usage: java weblogic.WLST decryptPassword.py DOMAIN_HOME ENCRYPTED_PASSWORD" print " Example:" print " java weblogic.WLST decryptPassword.py D:/Oracle/Middleware/user_projects/domains/base_domain {AES}819R5h3JUS9fAcPmF58p9Wb3syTJxFl0t8NInD/ykkE=" except: print "Unexpected error: ", sys.exc_info()[0] dumpStack() raise
2. Set your environment (CLASSPATH, PATH,..). Open a console, go to [FMW_HOME]/wlserver_10.3/server/bin/ and run the script setWLSEnv.sh:
$ . ./setWLSEnv.sh
3.Run the script. Go to the path where you copied the WLST script ( decryptPassword.py) and run it. You must provide two arguments, the WebLogic Server domain Home full path and the string you want to decrypt, for example:
$ java weblogic.WLST decryptPassword.py /opt/oracle/Middleware/user_projects/domains/base_domain {AES}LU5dLPP0PliNb5Ml1Fo7rD2AbNFwLcyLtYUEDTb+8zY\=
$ java weblogic.WLST decryptPassword.py /XXXXX/applmgr/fs2/FMW_Home/user_projects/domains/EBS_domain_xx122i {AES}Cb3qjo8vUPVBkkxMH3FSiIm4HJXC+RdQ5CjzRoHGPdE=
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
RESULT:weblogic123
Enjoy it!!
No comments:
Post a Comment