Can't connect after changing BI Publisher Administrator password

612389

I have a single machine instance of OBIEE 10.1.3 on Windows. All elements have been working fine and I have been able to successfully sign on to:

1) BI Publisher
2) Dashboards/Answers
3) BI Administrator

However, today I decided to change my 'Administrator' password in BI Publisher for good order's sake. And now after making that change I get an error reading:

{color:#0000ff}*'The server can not be used due to a configuration error, please contact the administrator. If you are the administrator, please consult BI Publisher user guide for proper configuration'*{color}

With 'error detail' reading: oracle.apps.xdo.security.ValidateException

Using the old BI Publisher password also returns an error (invalid user/password). I also stopped and started OC4J service all Oracle BI products. My BI Administrator signon still works fine.

I've read several posts about failed connections like this and ran across one that implied that characters in the new password such as *, #, $ will create problems. Unfortunately my new password does contain some of these characters {:>0 and I suspect this may be the issue My question: What is the least complicated way to back out of this situation and simply restore my sign on? I'm totally focused on data architecture and reports on this single user system right now. Thanks

Madan Thota

there would be some impact when you change the password of administrator. Because BI PUblihser configuration file will have an entry for BI password and that wont get updated automatically,

Check this,

http://oraclebizint.wordpress.com/2008/04/11/oracle-bi-ee-101332-changing-administrator-passwords-impact-on-bi-scheduler-and-bi-publisher-understanding-impersonation/

- Madan

678316

Please not that the Publisher uses an impersonator to log into the repository. U have changed the password of the RPD and have not chnaged the impersonator password. Run the utility(cryptotools) to configure the impersonator with the new passphrase and also update changes in xmlconfig as well as instanceconfig. Restart the services.... it has to work...

612389

Thanks very much for both replies. I have read much of your referenced materials and now understand the need to sync passwords but I'm not that comfortable with all the steps. I am puzzled to read (from user OBIEE+) that I changed the password to the RPD since I can log into BI Administrator, open any rpd file and see the 3 layers and all.

So, what I'd really like to do is change the Administrator password back to its former value, instead of making 4 or 5 changes to various other files and apps. What's the best way to do that? The Administrator password needs to be changed in either case since I read that I should not use the illegal characters * and # which I used in the current password. Thanks.

678316

W.R.T RPD u can change and re-login with the new password and view all layers... not a problem at all...

612389

My question is: How can I change the administrator password in the repository back to what it was? What tools/programs do I use? cryptotools? What would the entry look like? I have done all the reading and still can't figure this all out and don't want to make another miscue. I'll never change another password again unless it's absolutely necessary...Thanks

Madan Thota

John,

You don't need any tool to change the administrator password. Open Repository,Go to Manage Security, Open Administrator Properties, Change the password there. Once this is done then restart BI server. that will fix everything back, if you have not changed any thing else.

612389

Madan,
Thanks for your reply. Ok, I opened the 'BI Administration Tool' using the first (old) password. I went to 'Manage/Security/Users' and changed the password for 'Administrator' to the first password. I'm not sure if it was actually a change since it only showed '******' in the password field. I then restarted the BI Server and also restarted OC4J for good measure. but when I try to open 'BI Publisher' I am still getting the same error:

The Server cannot be used due to a configuration error: oracle.apps.xdo.security.ValidateException

Again, all I did to create this problem was to sign on to 'BI Publisher Enterrprise'. Then I chose the ADMIN tab. Then either on that screen or thru one more click I was at the password screen. (I remember it had empty fields for a 'SUPERUSER' in the middle of the screen which I did not touch .) At the bottom of the screen was a field for an Administrator password. I changed this thinking it was just a good idea. Then I closed BI Publisher and since then I have been unable to open BI Publisher without this error. That is all that I did. More ideas? If not, I may go for a full reinstall. Thanks, John

Madan Thota

Ok, Lets do it this way.

Goto C:\OracleBI\xmlp\XMLP\Admin\Configuration and edit xmlp-server-config.xml.

find BI_SERVER_SECURITY_ADMIN_PASSWORD and change the value this entry to the password given in RPD.

Restart oc4j and services. This will work.

Lets see if it does not work, then we need to edit CredentialStore.xml file which is located in C:\OracleBIData\web\config

In this file scroll down to last, where you will see username and password entries. modify them based on your password given rpd and xmlpserverconfig.xml file. restart everything. thats it.

- Madan

612389

Madan,
Thanks for your help.

The password in xmlp-server-config.xml is encrypted. It looks (similar) to this:

<property name="BI_SERVER_SECURITY_ADMIN_PASSWORD_ENC" value="C14CD2495C033BB8E816E10BCDC25372" />
<property name="BI_SERVER_SECURITY_ADMIN_USERNAME" value="Administrator" />

I tried changing the encrypted password to my password but got a java sign on error.

I then modified the last block in CredentialStore.xml and restarted the BI Server and OC4J but I still get the 'oracle.apps.xdo.Security.ValidateException' error when signing on to BI Publisher. Here's the entry with the (dummy) password which
I tried with the first change above and without the first change above.


<!-- This credential is used for storing the username/password that is required
for SSO impersonation in BI Publisher. In this example, the passphrase is shown inline. -->

<sawcs:credential type="usernamePassword" alias="bipublisheradmin">
<sawcs:username>Administrator</sawcs:username>
<sawcs:password passphrase="Buffalo">
<xenc:EncryptedData>
<xenc:EncryptionMethod Algorithm="http://www.rsasecurity.com/rsalabs/pkcs/schemas/pkcs-5#pbes2">
<pkcs-5:PBES2-params Algorithm="http://www.rsasecurity.com/rsalabs/pkcs/schemas/pkcs-5#pbkdf2">
<pkcs-5:KeyDerivationFunc>
<pkcs-5:Parameters>
<pkcs-5:IterationCount>1024</pkcs-5:IterationCount>
</pkcs-5:Parameters>
</pkcs-5:KeyDerivationFunc>
<pkcs-5:EncryptionScheme Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
</pkcs-5:PBES2-params>
</xenc:EncryptionMethod>
<xenc:CipherData>
<xenc:CipherValue>w39PaFUeq3zbMiB3clljRQ</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</sawcs:password>
</sawcs:credential>
-->

</sawcs:credentialStore>

Thanks for any additional comments. John

Madan Thota

Sorry, i dont know you are using SSO.

Any way as a last try, Change the follwing line in the xmlp-server-config.xml .

FROM:
<property name="BI_SERVER_SECURITY_ADMIN_PASSWORD_ENC" value="C14CD2495C033BB8E816E10BCDC25372" />

TO:
<property name="BI_SERVER_SECURITY_ADMIN_PASSWORD" value="YourPassoword" />

just remove _ENC and write your password in value. restart and let me know.

- Madan