OFBiz › OFBiz - User

Recover lost admin password

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

10 messages Options

Torsten Schlabach-2

Recover lost admin password

Hi!

I have an OFBiz installation where someone changed the standard password
of admin / ofbiz to something else, but it got lost. There are other
users in the system, but none of them has sufficient privilegdes to
reset the password for admin.

Is there a simple way of fixing this?

Regards,
Torsten

G.Venkata Phanindra

Re: Recover lost admin password

Hi Torsten,
There is one more user with flexadmin and ofbiz we can login and
change the admin password getting into party manger.
regards
Phani

On 3/12/07, Torsten Schlabach <[hidden email]> wrote:

>
> Hi!
>
> I have an OFBiz installation where someone changed the standard password
> of admin / ofbiz to something else, but it got lost. There are other
> users in the system, but none of them has sufficient privilegdes to
> reset the password for admin.
>
> Is there a simple way of fixing this?
>
> Regards,
> Torsten
>

--
G.Venkata Phanindra
Mob:: 9849852989

cjhowe

Re: Recover lost admin password

In reply to this post by Torsten Schlabach-2

Do you have access to the entity maintenance in webtools or to
database? If so, change UserLogin.password to the encrypted value of a
known password. This is one of many good reasons not to share user
login information.

--- Torsten Schlabach <[hidden email]> wrote:

> Hi!
>
> I have an OFBiz installation where someone changed the standard
> password
> of admin / ofbiz to something else, but it got lost. There are other
> users in the system, but none of them has sufficient privilegdes to
> reset the password for admin.
>
> Is there a simple way of fixing this?
>
> Regards,
> Torsten
>

Walter Vaughan

Re: Recover lost admin password

In reply to this post by Torsten Schlabach-2

Torsten Schlabach wrote:
> I have an OFBiz installation where someone changed the standard password
> of admin / ofbiz to something else, but it got lost. There are other
> users in the system, but none of them has sufficient privilegdes to
> reset the password for admin.
>
> Is there a simple way of fixing this?
>
If you have write access to the database and especially the user_login table,
you can paste in a known value in the current_password column from a known
user/password combination.

--
Walter

Jacques Le Roux

Re: Recover lost admin password

Administrator

In reply to this post by G.Venkata Phanindra

Torsten, all,

FYI, beware to not stay with default logins and passwords in production
sites. This for obvious security reasons. Please see recommendations in
http://tinyurl.com/yuldmy.

Thanks to TinyUrl Creator https://addons.mozilla.org/mozilla/126/ I was
able to create this tiny URL with an anchor :o)

Jacques

> Hi Torsten,
> There is one more user with flexadmin and ofbiz we can login
and

> change the admin password getting into party manger.
> regards
> Phani
>
>
> On 3/12/07, Torsten Schlabach <[hidden email]> wrote:
> >
> > Hi!
> >
> > I have an OFBiz installation where someone changed the standard

password

> > of admin / ofbiz to something else, but it got lost. There are other
> > users in the system, but none of them has sufficient privilegdes to
> > reset the password for admin.
> >
> > Is there a simple way of fixing this?
> >
> > Regards,
> > Torsten
> >
>
>
>
> --
> G.Venkata Phanindra
> Mob:: 9849852989
>

Walter Vaughan

Re: Recover lost admin password

Jacques Le Roux wrote:

> Torsten, all,
>
> FYI, beware to not stay with default logins and passwords in production
> sites. This for obvious security reasons. Please see recommendations in
> http://tinyurl.com/yuldmy.

The following users all have "ofbiz" as password. "Madmax" and "bigal" are a
little disconcerting backdoor parties. YMMV. This is a ofBiz/OpenTaps box that
only has demo data installed users.

"admin"
"system"
"flexadmin"
"demoadmin"
"ltdadmin"
"bizadmin"
"blog_author"
"madmax"
"supplier"
"DemoBuyer"
"DemoRepAll"
"DemoRepStore"
"DemoCustCompany"
"DemoCustAgent"
"DemoCustomer"
"blog_admin"
"blog_editor"
"blog_user"
"bigal"
"blog_guest"

--
Walter

David E Jones

Re: Recover lost admin password

On Mar 12, 2007, at 9:45 AM, Walter Vaughan wrote:

> "Madmax" and "bigal" are a little disconcerting backdoor parties.

I'm not sure what you mean by this. I took a peek at their settings
and they look pretty safe to me, and are just users that are part of
the blog demo data. I would prefer it if more generic names and such
were used, like the DemoCustomer and other similar accounts, but I'm
not sure how they would be "backdoor" users.

-David

smime.p7s (3K) Download Attachment

Rick F.

Re: Recover lost admin password

You can also sign in to the ecommerce app and have it email you a new password.

Another reason to hold usernames of admin and such close to the chest.

Rick

"David E. Jones" <[hidden email]> wrote:

On Mar 12, 2007, at 9:45 AM, Walter Vaughan wrote:

> "Madmax" and "bigal" are a little disconcerting backdoor parties.

I'm not sure what you mean by this. I took a peek at their settings
and they look pretty safe to me, and are just users that are part of
the blog demo data. I would prefer it if more generic names and such
were used, like the DemoCustomer and other similar accounts, but I'm
not sure how they would be "backdoor" users.

-David

Torsten Schlabach-2

Re: Recover lost admin password

In reply to this post by G.Venkata Phanindra

That helped, thank you.

Any yes, it's a reminder to close all that backdoors on a productive system.

Isn't there something like a test suite which would check for all of this?

Regards,
Torsten

G.Venkata Phanindra schrieb:

> Hi Torsten,
> There is one more user with flexadmin and ofbiz we can login and
> change the admin password getting into party manger.
> regards
> Phani
>
>
> On 3/12/07, Torsten Schlabach <[hidden email]> wrote:
>
>>
>> Hi!
>>
>> I have an OFBiz installation where someone changed the standard password
>> of admin / ofbiz to something else, but it got lost. There are other
>> users in the system, but none of them has sufficient privilegdes to
>> reset the password for admin.
>>
>> Is there a simple way of fixing this?
>>
>> Regards,
>> Torsten
>>
>
>
>

Andrew Sykes

Re: Recover lost admin password

In reply to this post by G.Venkata Phanindra

Torsten

You could write a Selenium test and add it to the Selenium patch ;-)
https://issues.apache.org/jira/browse/OFBIZ-680

- Andrew

On Mon, 2007-03-12 at 20:35 +0100, Torsten Schlabach wrote:

> That helped, thank you.
>
> Any yes, it's a reminder to close all that backdoors on a productive system.
>
> Isn't there something like a test suite which would check for all of this?
>
> Regards,
> Torsten
>
> G.Venkata Phanindra schrieb:
> > Hi Torsten,
> > There is one more user with flexadmin and ofbiz we can login and
> > change the admin password getting into party manger.
> > regards
> > Phani
> >
> >
> > On 3/12/07, Torsten Schlabach <[hidden email]> wrote:
> >
> >>
> >> Hi!
> >>
> >> I have an OFBiz installation where someone changed the standard password
> >> of admin / ofbiz to something else, but it got lost. There are other
> >> users in the system, but none of them has sufficient privilegdes to
> >> reset the password for admin.
> >>
> >> Is there a simple way of fixing this?
> >>
> >> Regards,
> >> Torsten
> >>
> >
> >
> >

--
Kind Regards
Andrew Sykes <[hidden email]>
Sykes Development Ltd
http://www.sykesdevelopment.com