powered by Jive Software

Resetting admin passwords


#21

Glad you finally find a solution

Guus, what you think if i file a ticket about adding a safeguard to openfire.xml to eliminate such situation? Like adding a tag with a default value false. If it is changed to true and a server is restarted it will make admin password ‘admin’ again.


#22

We might already have such an option: you can re-start the setup. There you should be able to re-set the admin account. Haven’t tried that before, but I just saw Daryl mention it to someone in the chat…


#23

I thought about this and tried it yesterday. It demands old admin password to do this.


#24

I was wrong. When re-running the setup, it asks for a current admin password, but you can put anything into this field and it still works. So, yes, this is an option and quite fast one compared to all the hassle we had here trying to advise how to edit this xml


#25

Ah, that is good to know!


#26

Tried that. I’ve copied the ofproperty db from another install. I think this is messing things up. I tried all the options on this one -> Adding or deleting admin accounts to Openfire

Using this works. However it’s pointed to internal database (line 41). So if I use method to get in how do I change the db it’s pointed to?


#27

I have moved my Openfire database over to SQLServer and LDAP, and the admin password is in the ofProperty table in the ldap.adminPassword property value. This is in plain text.

Also useful if you change your ldap server as the ldap.host property is also here. This is where the admin.authorizedJIDs are also. Not sure if this gets overridden by the openfire.xml though.


#28

Openfire 4.0.2 on Windows with embedded database and re-running setup like this no longer works. Still have to use the actual password for the old admin account, which I don’t remember. And now all of my admin accounts are locked out. Sigh. I do have a backup, though. But I will try the and restart service and hope that works.


#29

The didn’t work either. So now I am hosed.


#30

OK, not hosed. I made a backup right before I messed with any of it and did a restore and I am back in using my user account which was an administrator. But I still want to reset the password for the “admin” account and have no idea how to do it under Openfire 4.0.2 because none of this has worked so far. Thanks.


#31

OK, so nevermind. Another administrator had accidentally deleted the admin user, and I did not realize it was an actual user account. So I created the admin user again with the password that we want to use and all is good now. So thanks. Hope that helps someone.


#32

This reset of the admin password does not work for me. It refuses to accept the “old password”. I am not using LDAP. I looked in the ofProperty table, and do not see a password there. There is a passwordKey, but that does not work.

This is on Openfire 4.1 and OpenSUSE Leap 42.2 64-bits

Help!


#33

unfortunately you have to type correct old password, which I did not remember. The way I went aroud it was:

  1. edit /usr/share/openfire/conf/openfire.xml and after setting setup tag to false: false
  2. enter the web console, the setup restarts, most settings are remembered, I click on “Next” until the page where you setup admin password
  3. In the edit box asking for the current password, I type “admin”, which is not the current password (I can’t remember the actual one), and I set the new password as I see fit BUT I do not click “Next” just yet…
  4. I login to the server where I have MySQL database that my openfire is configured to use, and in the database I manually update the admin user password to “admin”. The users are in the table ofUser, and they are encrypted, and even salted, BUT each row also has a column called “plainPassword” which (by default) is set to NULL, so I simply run: update ofUser set plainPassword=‘admin’ where username=‘admin’; and return to the web interface, hit “Next” and get accepted.
  5. After that, I return to my mysql db and just double check: select * from ofUser; and I see that password hash is updated, and the “plainPassword” field is again NULL, so all good
  6. I go to the main login page of the admin console, and all works like a charm. Cheers!

I hope this helps somebody. I couldn’t really follow none of the advices here, because some parts of my case were different. I didn’t have ANY user but the admin user, and I didn’t remember its password. I just figured that it all must be stored in the db and I just peeked at it, and seeing column called “plainPassword” that was NULL I just made a guess, which saved my day. In the end I think this routine is even less hustle than temporarily allowing another user as admin (requires less edit in the openfire.xml file), and certainly less hustle than creating a new user with Spark just for the sake to temporarily granting it admin access. The only requirement is that you must remember your mysql (or other db you are using) server root password. If you don’t even remember that, then it is not great, but at least in the case of MySQL recovering that one is not that hard either. Cheers!


#34

Just an update
This works and do following as well

update ofUser set encryptedPassword=NULL where username='admin';

When I did that, it worked like a charm
Thanks @KrisJace for your steps. Really appreciate it