How to reset Lost Oracle WebLogic Password for Fusion Middleware Applications

 For WebLogic server, during domain creation screen you create a user weblogic (this could be any name used during domain creation screen) and set password (user and password is stored in weblogic’s embedded LDAP server in hashed format which makes it impossible to decrypt) . This user (weblogic) is then used to login to WebLogic Console and acts as superuser for WebLogic Server including Fusion Middleware (FMW) applications like WebCenter, UCM, OBIEE, ODI …

What if you forgot password for this user after installation ?This post covers steps to create another user in WebLogic domain which will act as super user or create another user with same name (weblogic) with password of your choice.

 Note: This process will remove all users created in weblogic’s embedded LDAP server and there will only be one user (which will act as superuser) after doing below steps.

Steps to create another superuser in weblogic (when password of existing user is lost)

1. Shutdown WebLogic Server (If Running) – Optional Step

2. Login to WebLogic Server and set environment variable

cd $DOMAIN_HOME/bin   (where DOMAIN_HOME is directory in which your domain exists, default value is $MW_HOME/user_projects/domain/base_domain)

. ./setDomainEnv.sh

3. Create a initialization file using command

java weblogic.security.utils.AdminAccount <weblogic_username> <weblogic_user_password> .  (Note the DOT at end of this command)

For Example

java weblogic.security.utils.AdminAccount weblogic welcome1 . (Note the DOT at end of this command)

This will create file  DefaultAuthenticatorInit.ldift in directory from which you executed this command .

4. Move file DefaultAuthenticatormyrealmInit.ldift  from $DOMAIN_HOME/security/ and replace it by  DefaultAuthenticatorInit.ldift generated in step 3

5. Move data directory under $DOMAIN_HOME/servers/<serverName>/datato another directory like data.bak (data directory contains files related to embedded LDAP and role mapping file). Replace <serverName> with WebLogic Server like AdminServer and managed server. Repeat this step for all managed servers which are part of this domain.

This step will remove all existing users/groups from WebLogic’s embedded LDAP server (recreate these users/groups in setp8)

6.Recreate boot.properites (if any) under $DOMAIN_HOME/servers/<serverName>/security with username and password created in step 3 above like
USERNAME=weblogic
PASSWORD=welcome1

7.Start (or restart) Admin Server and test if you can login to weblogic console using new username and password. 

8. Recreate any users/groups(which were part of default authenticator prior to new super user creation) or import existing users (from weblogic’s servers embedded LDAP server backup)

About the Author Masroof Ahmad

Leave a Comment:

15 comments
balam says September 19, 2012

Hi There,
It is a awesome posting. Gr8, it saved me 1 day of recovery…

Thanks a lot
Bala

Reply
sloan mary says June 28, 2013

How to add a custom search template in component wizard ,so that it will be available to every user.

Reply
rajalaxmi says July 25, 2013

Can I reset password without disturbing the present users. Just can i update instead of losing all other user and recreating again.

Reply
    Atul Kumar says July 25, 2013

    rajalaxmi,
    If you know the existing password then you can login to console and change it without disturbing the present user. If you can’t remember the password then you must re-create the user.

    Reply
armağan says June 10, 2014

If i have full domain_home backup .
(I backed up domain home directory by
tar -cvf /backup_domain.tar $DOMAIN_HOME ).
Is it work if i replace folders new one ?

Reply
    Atul Kumar says June 10, 2014

    Yes, It should . Only thing you need to worry about is JMS and TLOGS (If you are not using them then it should be fine) else roll back database too .

    Reply
armağan says June 11, 2014

Thank you ver much sir,

Kind regards.

Reply
gsm says September 18, 2014

Hello Atul,
I am new to weblogic and soa. Currently I am using the same user id(weblogic) and password for WebLogic and SOA application. I would like to create a new user and password for SOA application with the same priveleges(weblogic). This will ensure that my users will not be able to login to the web console.

Hope you can assist me with this.

Thanks
sm

Reply
vikas says October 13, 2014

Hi Atul youy posts are very helfful.

I have changed my admin users(weblogic) password from console.

I have made the same changes into ucm server boot.properties file.

But still after changing password I am not able to start UCM server.Actually it is coming into running state but I am not able to open UCM console.

I am getting logs as below.

Kindly help me on this.

Regards,
vikas

Reply
vikas says October 14, 2014

Caused By: intradoc.common.ServiceException: !csConfigDirectoryIsNotValid,IdcHomeDir!syFileUtilsDirNotFound,\\s7-p401590MiddlewareOracle_ECM1ucmidc
at intradoc.common.FileUtils.validatePath(FileUtils.java:1569)
at intradoc.server.LegacyDirectoryLocator.computeHomeDirectory(LegacyDirectoryLocator.java:184)
at intradoc.server.LegacyDirectoryLocator.buildRootDirectories(LegacyDirectoryLocator.java:151)
at intradoc.server.IdcSystemConfig.initConfigEarly(IdcSystemConfig.java:196)
at intradoc.server.IdcSystemConfig.loadInitialConfig(IdcSystemConfig.java:323)
at intradoc.server.IdcServerManager.init(IdcServerManager.java:100)
at intradoc.idcwls.IdcServletRequestUtils.initializeServer(IdcServletRequestUtils.java:626)
at intradoc.idcwls.IdcServletRequestUtils.initializeServer(IdcServletRequestUtils.java:457)
at intradoc.idcwls.IdcIntegrateWrapper.initializeServer(IdcIntegrateWrapper.java:103)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at idcservlet.common.IdcMethodHolder.invokeMethod(IdcMethodHolder.java:87)
at idcservlet.common.ClassHelperUtils.executeMethodEx(ClassHelperUtils.java:305)
at idcservlet.common.ClassHelperUtils.executeMethodWithArgs(ClassHelperUtils.java:278)
at idcservlet.ServletUtils.initializeContentServer(ServletUtils.java:1257)
at idcservlet.ServletUtils.startAndConfigureServer(ServletUtils.java:531)
at idcservlet.ServletUtils.initializeAllServers(ServletUtils.java:460)
at idcservlet.IdcFilter.initContentServer(IdcFilter.java:181)
at idcservlet.IdcFilter.init(IdcFilter.java:156)
at weblogic.servlet.internal.FilterManager$FilterInitAction.run(FilterManager.java:343)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.FilterManager.loadFilter(FilterManager.java:96)
at weblogic.servlet.internal.FilterManager.preloadFilters(FilterManager.java:57)
at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1872)
at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3154)
at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1518)
at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:484)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:247)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:671)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:212)
at weblogic.application.internal.EarDeployment.activate(EarDeployment.java:59)
at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
at weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicDeployment.java:184)
at weblogic.deploy.internal.targetserver.BasicDeployment.activateFromServerLifecycle(BasicDeployment.java:361)
at weblogic.management.deploy.internal.DeploymentAdapter$1.doActivate(DeploymentAdapter.java:51)
at weblogic.management.deploy.internal.DeploymentAdapter.activate(DeploymentAdapter.java:200)
at weblogic.management.deploy.internal.AppTransition$2.transitionApp(AppTransition.java:30)
at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
at weblogic.management.deploy.internal.ConfiguredDeployments.activate(ConfiguredDeployments.java:169)
at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:123)
at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
>!csConfigDirectoryIsNotValid,IdcHomeDir!syFileUtilsDirNotFound

Reply
kalyan says May 14, 2015

sir,
while executing
java.weblogic…….. cmd
i am getting ERROR
“Colud not find or load main class weblogic.security.utils.AdminAccount”

i have stopped wls by stopWeblogic.sh -tryed – error
also tyred while wls running -but same error . guide me pls!!

Reply
kalyan says May 14, 2015

sir,
while executing
java.weblogic…….. cmd
i am getting ERROR
“Could not find or load main class weblogic.security.utils.AdminAccount”

i have stopped wls by stopWeblogic.sh -tryed – error
also tyred while wls running -but same error . guide me pls!!

Reply
Abc says June 7, 2016

step no 2 is not working i am getting following error
Exception in thread “main” java.lang.NoClassDefFoundError: weblogic/security/utils/AdminAccount
Caused by: java.lang.ClassNotFoundException: weblogic.security.utils.AdminAccount
at java.net.URLClassLoader$1.run(URLClassLoader.java:217)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:205)
at java.lang.ClassLoader.loadClass(ClassLoader.java:323)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:294)
at java.lang.ClassLoader.loadClass(ClassLoader.java:268)
Could not find the main class: weblogic.security.utils.AdminAccount. Program will exit.

please assist me ASAP

Reply
Darryl Price says June 10, 2018

And what if you get a class not found error when you attempt to execute the AdminAccount class? Either my classpath is set incorrectly OR the required class or JAR doesn’t exist on my system

Reply
nethi says January 30, 2019

How to reset weblogic password for SOA and OSB environments? Please provide steps if any one families on this.

Reply
Add Your Reply