change username and password

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

change username and password

myofbiz
Hi
If I want to change the username and password from admin, ofbiz to something else, in which files should I change.

Thanks



     
Reply | Threaded
Open this post in threaded view
|

Re: change username and password

BJ Freeman
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

admin is a user login not a party ID.
if you want to change the seed data
/framework/security/data/securitydata.xml
otherwise you can go into the partymgr lookup the admin party and go
through the logins for each admin login and change the password there.

adithi agarwal sent the following on 1/15/2009 1:12 PM:
> Hi
> If I want to change the username and password from admin, ofbiz to something else, in which files should I change.
>
> Thanks
>
>
>
>      
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJb6vQrP3NbaWWqE4RAngrAKDM3s7uWYfEx7VnyqFlouoLvFZLpACeOoim
N21rtstRGR5tpjbPmM17Hf8=
=HkPu
-----END PGP SIGNATURE-----
Reply | Threaded
Open this post in threaded view
|

Re: change username and password

BJ Freeman
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

oops that is the system login
admin
is
application/securityext/data/passwordsecuritydata.xml

BJ Freeman sent the following on 1/15/2009 1:34 PM:

> admin is a user login not a party ID.
> if you want to change the seed data
> /framework/security/data/securitydata.xml
> otherwise you can go into the partymgr lookup the admin party and go
> through the logins for each admin login and change the password there.
>
> adithi agarwal sent the following on 1/15/2009 1:12 PM:
>> Hi
>> If I want to change the username and password from admin, ofbiz to something else, in which files should I change.
>
>> Thanks
>
>
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJb61OrP3NbaWWqE4RAl9bAKCgrDU1SnP0aDInyH+ByqgNI32wWwCdGbe8
OWYwGsdoq78QZAJJPsUvOyg=
=CdoN
-----END PGP SIGNATURE-----
Reply | Threaded
Open this post in threaded view
|

Re: change username and password

S K Pradeep kumar
In reply to this post by myofbiz
Hi,

        Go for user profile in party manager. Under user names  you have the
options to enable or disable and u can change the password.


With regards,
S K Pradeep kumar,
Software Engineer,
Palindrome Software Labs Pvt. Ltd.


On Fri, Jan 16, 2009 at 2:42 AM, adithi agarwal <[hidden email]>wrote:

> Hi
> If I want to change the username and password from admin, ofbiz to
> something else, in which files should I change.
>
> Thanks
>
>
>
>
Reply | Threaded
Open this post in threaded view
|

Re: change username and password

kunal aggarwal
In reply to this post by BJ Freeman
Hello BJ,

I think that xml file contains password in excrypted form. How can one
change that file in that case.

One has to put the encrypted password only in that xml file. i think it
seems impossible to to put encrypted password in xml file?



Kunal


On Fri, Jan 16, 2009 at 3:10 AM, BJ Freeman <[hidden email]> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> oops that is the system login
> admin
> is
> application/securityext/data/passwordsecuritydata.xml
>
> BJ Freeman sent the following on 1/15/2009 1:34 PM:
> > admin is a user login not a party ID.
> > if you want to change the seed data
> > /framework/security/data/securitydata.xml
> > otherwise you can go into the partymgr lookup the admin party and go
> > through the logins for each admin login and change the password there.
> >
> > adithi agarwal sent the following on 1/15/2009 1:12 PM:
> >> Hi
> >> If I want to change the username and password from admin, ofbiz to
> something else, in which files should I change.
> >
> >> Thanks
> >
> >
> >
> >
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFJb61OrP3NbaWWqE4RAl9bAKCgrDU1SnP0aDInyH+ByqgNI32wWwCdGbe8
> OWYwGsdoq78QZAJJPsUvOyg=
> =CdoN
> -----END PGP SIGNATURE-----
>
Reply | Threaded
Open this post in threaded view
|

Re: change username and password

David E Jones-3

On Jan 16, 2009, at 1:20 AM, kunal aggarwal wrote:

> Hello BJ,
>
> I think that xml file contains password in excrypted form. How can one
> change that file in that case.
>
> One has to put the encrypted password only in that xml file. i think  
> it
> seems impossible to to put encrypted password in xml file?

And yet amazingly there is an encrypted password string in the XML  
file...

The easiest is to load the seed, seed-initial, and whatever other  
initial data you need/want and then to change the admin and related  
passwords through the Party Manager, and then you're set to go. The  
passwords are part of the seed-initial data, and that should never be  
loaded again (though if you suspect anything has changed there, then  
you can do a data set diff in webtools to see what is different  
between the database and the data files and selectively make updates).

On a side note, you really should disable the admin account and not  
just change the password. All users, even admin users, should have  
their own individual named accounts. It's a good security practice,  
and mandate for things like PCI compliance.

-David

Reply | Threaded
Open this post in threaded view
|

Re: change username and password

Scott.
David et al,

What special chars are allowed to be used in the passwords. I'm not sure if it applies to all but I seem to have some problems with some of these; !@#$%^&*()_+?

Thanks as always for the help.


David E Jones-3 wrote
On Jan 16, 2009, at 1:20 AM, kunal aggarwal wrote:

> Hello BJ,
>
> I think that xml file contains password in excrypted form. How can one
> change that file in that case.
>
> One has to put the encrypted password only in that xml file. i think  
> it
> seems impossible to to put encrypted password in xml file?

And yet amazingly there is an encrypted password string in the XML  
file...

The easiest is to load the seed, seed-initial, and whatever other  
initial data you need/want and then to change the admin and related  
passwords through the Party Manager, and then you're set to go. The  
passwords are part of the seed-initial data, and that should never be  
loaded again (though if you suspect anything has changed there, then  
you can do a data set diff in webtools to see what is different  
between the database and the data files and selectively make updates).

On a side note, you really should disable the admin account and not  
just change the password. All users, even admin users, should have  
their own individual named accounts. It's a good security practice,  
and mandate for things like PCI compliance.

-David