Unable to reset WAS admin password. unable to login WAS console - websphere

I am unable to login inot WAS Admin console. So I am trying to reset the admin credential after disabling security(security.xml-enabled="false"), but unable to save the new password. Any idea what should I check and troubleshoot?
I tried entering the credentials on soap.clients.props, but no help. WAS version : 7.0

From
http://www-01.ibm.com/support/knowledgecenter/SS7JFU_7.0.0/com.ibm.websphere.messages.doc/com.ibm.ejs.resources.security.html?cp=SS7JFU_7.0.0%2F1-15-7-225
SECJ7342E: Failed to validate user/password
Explanation Failed to validate user password in WIM registry
Action None
The credentials that you entered do they exist in the WIM registry?
From the screen shot it appears that you are using the File Based registry. Check that the ID and passwords match the values in that File Registry.

If you disabled security, then restart your server, so it starts plain, unsecured and enable security again via console. There will be prompt to specify admin user and password (I'm assuming you are using default Federated repository with file based). Provide new password there and restart the server.
In the page you are showing now, leave Server user identity as default - Automatically generated. This is not page, where you change user password.
Settings in soap.clients.props are not related to password changing. Once you set new password via console, you can update that file, so you won't be prompted, when you stop server from the command line.

This technote is also helpful when forgetting your WAS Admin console password:
Forgot password and cannot access WebSphere Application Server administrative console
https://www.ibm.com/support/docview.wss?uid=swg21405302

Related

Wazuh - How to change admin password for web interface

I just installed WAZUH from its OVA.
The web interface is admin/admin
When I click reset password from the web interface i get this error
Failed to reset password. {"status":"FORBIDDEN","message":"Resource 'admin' is read-only."}
enter wazug admin password reset screenshot
I've googled/scanned documentation and can't find out how to change it.
I've looked through /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/config.yml and cant see an option either?
A simple fix but its not just appearing for me via searching/reading the manual
I plan to secure the admin password then create a user account to do my work
Thanks in adavance
The admin and kibanaserver users are set to read-only as security measures, that is why it is not possible to change the password using the WUI and it must be changed in the configuration files.
This section of documentation talks about changing it: https://documentation.wazuh.com/4.0/user-manual/elasticsearch/elastic_tuning.html
Remember to update the new password in /etc/filebeat/filebeat.yml and /etc/kibana/kibana.yml if necessary.
I hope this information is helpful to you.
Best regards.
If running Wazuh on Kubernetes and you need to change the default passwords look for the following files:
elastic-cred-secret.yaml
internal_users.yaml
wazuh-api-cred-secret.yaml
wazuh-authd-pass-secret.yaml
The one caveat is you have to base64 encode the password before updating in the aforementioned files. Afterward, do kubectl patch or apply and your password will be updated.

CFEXECUTE assigning it to run with administrator rights

I am trying to change a password with active directory using cfexecute.
The only code on my page is this (username and the new password are filled in):
<cfexecute
name="c:\windows\system32\cmd.exe"
arguments="NET USER username password /domain"
outputfile="C:\Users\administrator\Desktop\test.txt"
timeout="90">
</cfexecute>
When I tried running this code through dreamweaver on my pc the tab in my browser just kept spinning even after 5 min... I closed the tab went to the server logged in and the text.txt was there empty. But I am unable to delete it because it says coldfusion.exe is using it???? Also it did not change the users password.
So then I opened up the command line on my pc and ran NET USER username password /domain it gave me a System error 5 has occured. Access is denied..
So then I went on to the server logged in as an administrator ran NET USER username password /domain and it worked.
How do I tell cfexecute to run as that administrator when it runs so that it works properly?
I looked up the docs of cfexecute and it is not like cfldap where you can choose a username and password.
Any help with this would be greatly appreciated!
Edit
Also checked log files in admin and it stated this:
Error occurred: coldfusion.tagext.lang.ExecuteTag$TimeoutException: Timeout period expired without completion of c:\windows\system32\cmd.exe
(It cant run that simple command within a 90 second timeout? But runs instantly when I run it in the command line?) Is there something wrong with using cfexecute?
EDIT IS IT POSSIBLE?
To Add a user it always runs as to change the password like so?:
"/c net user /user:domain\Administrator <admin-pwd> username password /domain"
ColdFusion is only able to access the domain and user account that is used by the ColdFusion service.
If you want to authenticate a username/domain against local system or Windows domain using any version of ColdFusion, consider using the CFX_EXEC tag.
http://adiabata.com/cfx_exec.cfm
<CFX_EXEC
CMD="NET USER username password /domain"
USER="Administrator"
PWD="pass"
DOMAIN="domain"
FILE="C:\Users\administrator\Desktop\test.txt">

Supply Username and Password to witadmin

Using witadmin I'm trying to delete a work item on a TFS in a different domain. I therefore use a login that is different from my Windows login, for which I'm asked when opening the web interface.
However, witadmin fails with the following message, not prompting for username and password:
Unable to destroy work item(s) 1. TF237090: Does not exist or access
is denied.
Is there a way to supply credentials as arguments or explicitly make witadmin prompt for credentials?
What solved my problem is the Credential Manager, which is in Control Panel > User Accounts > Manage Your Credentials. I added an item to Windows Credentials containing containing the username and password I need for the TFS.
It doesn't make witadmin ask, but it takes these credentials.

SSRS 2008 R2 - cannot logon to localhost/reports

When attempting to deploy a SSRS 2008 R2 Report to my localhost/ReportServer, or trying to login to localhost/reportserver (via web browser), I am not able to get any further than a security error message.
When trying to access the report server via a web browser, I'm prompted to enter my login credentials. Even though I am the admin on the box, I still receive the following message:
User 'PCName\Me' does not have
required permissions. Verify that
sufficient permissions have been
granted and Windows User Account
Control (UAC) restrictions have been
addressed.
I have also tried launching my browser in Administrator Mode - same issue.
When attempting to deploy a report from VS, I get a similar message:
The permissions granted to user
'PCName\Me' are insufficient for
performing this operation.
Some assistance would be appreciated.
Thanks.
Mark, thanks for the suggestion. I found the answer here where I had to change the report server's authentication type to local.
<Authentication>
<AuthenticationTypes>
<RSWindowsBasic>
<LogonMethod>3</LogonMethod>
<Realm></Realm>
<DefaultDomain></DefaultDomain>
</RSWindowsBasic>
</AuthenticationTypes>
<EnableAuthPersistence>true</EnableAuthPersistence>
</Authentication>
This satisfies my testing needs, but not secure prod environment needs.
"User 'PCName\Me'" sounds like a local logon - have you tried entering your domain logon (including the domain name before the slash - ie. Domain Name \ User Name) and password?

How to change users in TortoiseSVN

I was setting up another user to use our SVN repository. He didn't have a username/password, so I logged in with my credentials. We now have a username/password for him.
How do I get TortoiseSVN to logout and forget the old password so I can enter the new username/password?
Open Windows Explorer.
Right-click anywhere in the window.
Click TortoiseSVN → Settings.
Click Saved Data.
Click Clear beside Authentication Data (see below).
Check the authentication items to clear.
Click OK.
All saved Authentication Data for all projects is deleted.
You will have to re-enter credentials to reconnect.
There are several ways to do it, through settings or by deleting the cache.
Deleting the cache is the most versatile method. First, locate it:
On XP, it was located here:
C:\Documents and Settings\%USER%\Application Data\Subversion\auth\svn.simple\
On Vista, it was located here:
C:\Users\%USER%\AppData\Roaming\Subversion\auth\svn.simple\
Then look in those files with Notepad, and delete the one with your credentials.
If you want to remove only one saved password, e.g. for "user1":
Go to the saved password directory (*c:\Users\USERNAME\AppData\Roaming\Subversion\auth\svn.simple\*)
You will find several files in this folder (named with hash value)
Find the file which contains the username "user1", which you want to change (open it with Notepad).
Remove the file.
Next time you will connect to your SVN server, Tortoise will prompt you for new username and password.
When you use Integrated Windows Authentication (i.e., Active Directory Single Sign-On), you authenticate to AD resources automatically with your AD credentials. You've are already signed in to AD and these credentials are reused automatically. Therefore if your server is IWA-enabled (e.g., VisualSVN Server), the server does not ask you to enter username and password, passing --username and --password does not work, and the SVN client does not cache your credentials on disk, too.
When you want to change the user account that's used to contact the server, you need use the Windows Credential Manager on client side. This is also helpful when your computer is not domain joined and you need to store your AD credentials to access your domain resources.
Follow these steps to save the user's domain credentials to Windows Credential Manager on the user's computer:
Start Control Panel | Credential Manager on the client computer.
Click Add a Windows Credential.
As Internet or network address enter the FQDN of the server machine (e.g., svn.example.com).
As Username enter your domain account's username in the DOMAIN\Username format.
Complete the password field and click OK.
Now when you will contact https://svn.example.com/svn/MyRepo or a similar URL, the client or web browser will use the credentials saved in the Credential Manager to authenticate to the server.
After struggling with this and trying all the answers on this page, I finally realized I had the incorrect credentials stored by windows for the server that hosts our subversion. I cleared this stored value from windows credentials and all is well.
https://web.archive.org/web/20160614002053/http://windows.microsoft.com/en-us/windows7/remove-stored-passwords-certificates-and-other-credentials
Replace the line in htpasswd file:
Go to: http://www.htaccesstools.com/htpasswd-generator-windows/
(If the link is expired, search another generator from google.com.)
Enter your username and password. The site will generate an encrypted line. Copy that line and replace it with the previous line in the file "repo/htpasswd".
You might also need to Clear the 'Authentication data' from TortoiseSVN → Settings → Saved Data.

Resources