3 Replies Latest reply: Jan 24, 2014 10:25 AM by Kalyan Pasupuleti-Oracle RSS

Recover from old ldap file

sharar01 Newbie
Currently Being Moderated

Hi All,

 

We faced a problem with the weblogic password as we kept getting the authentication error when we tried to login to console or sbconsole.

 

We had to reset the password for weblogic admin user for which we renamed the ldap directory in the AdminServer/data/ and reset the password.

 

Now we are able to login to console using the weblogic password, but not able to login to sbconsole.

 

As the ldap folder was renamed, the users and groups were also lost. Since I dont have the security realms export, I am not able to restore the data.

 

I still have the old ldap folder. Can you please help me in recovering the groups and users from the old ldap folder?

 

Regards,

Anup

  • 1. Re: Recover from old ldap file
    Kalyan Pasupuleti-Oracle Expert
    Currently Being Moderated

    Hi Anup,

     

    Try this once,

     

     

    For change the password you need  do the next step:

    1.- You need access  to sbconsole

    2.- Click at the left menu panel  in configuration security.

    3.-Select the user administrator that you want to change password (in this case my adminuser, common de administrator user is weblogic )

    4.-click in button configuration and put the new password.

    5.-when you change password disconnect of sbconsole and connect wtih new credentials. You need do the same step for Enterprise Manager and console. Only to be sure that the password change correctly.

    6.- Go to the DOMAIN_HOME/security  and create Backup to the files exist in this folder.

    7.- go to DOMAIN_HOME/bin and execute setDomainEnv.sh

    8.- The next step you create the new credentials with execute  this command:

    java weblogic.security.utils.AdminAccount <NewAdminUserName> <NewAdminPassword> .

    example

    java weblogic.security.utils.AdminAccount adminuser welcome1 /u01/app/Middleware/user_projects/domain/base_domain/security

    9.- backup files from /  this folder  DOMAIN_HOME/server/Adminserver/data  and DOMAIN_HOME/server/domain_name/data (in my case domain_name is base_domain ex: DOMAIN_HOME/server/base_domain/data)

    10.- Update password in file boot.properties (DOMAIN_HOME/servers/AdminServer/security and  DOMAIN_HOME/servers/domain_name/security)

    11.- You restart weblogic and access sucessfully with the new password.



    Regards,

    Kal

  • 2. Re: Recover from old ldap file
    sharar01 Newbie
    Currently Being Moderated

    Thanks for answer Kal.

    But I have already done this. But the problem is that some groups and users which are created under DefaultAuthenticatorInit.ldift which are lost. That is causing some problem to login to sbconsole I believe.

     

    When we use the command java weblogic.security.utils.AdminAccount

     

    Do u know how we can create the users like ALSBSystemGroup, IntegrationAdministrators and IntegrationDeployers in the DefaultAuthenticatorInit.ldift

     

    Regards,

    Anup

  • 3. Re: Recover from old ldap file
    Kalyan Pasupuleti-Oracle Expert
    Currently Being Moderated

    Hi Anup,

     

    Check that following users and group membership exists on your Weblogic Server:

    Group Membership
    AdminChannelUsers
    Administrators --> IntegrationAdministrators
    ALSBSystemGroup
    AppTesters
    CrossDomainConnectors
    Deployers  --> IntegrationDeployers
    IntegrationAdministrators --> AdminChannelUsers
    IntegrationDeployers --> AdminChannelUsers
    IntegrationMonitors --> AdminChannelUsers
    IntegrationOperators --> AdminChannelUsers

    Users:
    alsb-system-user --> ALSBSystemGroup

     

    If you create alsb-system-user  any password will do.

     

    Restart the Admin and OSB managed servers.

     

     

    Regards,

    kal

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points