Did you forget your WebLogic Admin User password?

Posted by Dirk Nachbar on Friday, June 04, 2010
Several month ago you install your Oracle Fusion Middleware Environment, you didn't connect to the WebLogic console and now you realize, that you forget the password of the WebLogic Server Admin User "weblogic".
Here is a small How To in order to reset the Admin User "weblogic" password.

1st Step: Stop your Weblogic Server, if it's running
oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/bin
oracle@server>./stopWebLogic.sh <your_server>

2nd Step: Source the necessary environment variables for your WebLogic Server
oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/bin
oracle@server>./setDomainEnv.sh

3rd Step: Creation of a new WebLogic Server Admin User
oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/security

# the first value after the command "java weblogic.security.utils.AdminAccount"
# is the new username
# the second value is the password for the new Admin User
# IMPORTANT !!! After the password value you must place a "." (dot) !!!!
# This command will update the DefaultAuthenticatorInit.ldift
# configuration file

oracle@server>java weblogic.security.utils.AdminAccount myadmin oracle11g .
4th Step: Delete the file DefaultAuthenticatormyrealmInit.initialized
oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/servers/AdminServer/data/ldap
oracle@server>rm DefaultAuthenticatormyrealmInit.initialized

5th Step: Startup the WebLogic Server
# Depending if you are using a boot.properties file
# you must choose between the two following options
# a) Without boot.properties configuration file

oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/bin
oracle@server> ./startWebLogic.sh <your_domain>

# Here you will be prompted for your WebLogic Server Admin User and his Password
# Use now your newly created Admin User

# b) With a configured boot.properties configuration file
# Remove your boot.properties configuration file

oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/servers/AdminServer/security
oracle@server>rm boot.properties

# Startup your WebLogic Server

oracle@server>cd $MW_HOME/user_projects/domains/<your_domain>/bin
oracle@server> ./startWebLogic.sh

# Here you will be prompted for your WebLogic Server Admin User and his Password
# Use now your newly created Admin User

For the above mentioned two options see my Blog Post http://dirknachbar.blogspot.com/2009/08/security-hole-in-fusion-middleware-11g.html

6th Step: Login to your WebLogic Server Console with your newly created Admin User and change the password of the original WebLogic Server Admin User "weblogic"
# Navigate to "Security Realms"
# There you'll see two Admin Users: weblogic and your newly created Admin User
# Change the password of the user weblogic

7th Step (optionally): If you was using a boot.properties configuration file before, you must recreate it with the new values for the Admin User and the reseted password

Additional Note (26.01.2011): Please be aware that the above described procedure is NOT working with a database security store !!! (Thanks for the input from Nazir, see comments below)