Appreciations accepted

Vladlen Litvinov, the author: If you have some job offer for me, I'm ready to discuss it. View Vladlen Litvinov's profile on LinkedIn

Password

Friday, December 14, 2012

How to restore WAS BPM administration password?

You are coming to office on Monday and finding the note from your Senior Administrator:
«I hate this job. Departed to Goa. Don’t search me».
But you don’t know any administrative passwords.
What to do?

Action 1. You want to know password of WAS BPM administrator and tw_admin password

Pay your attention to the file <Your BPM profile Home>/config/cells/<YourCellName>/security.xml

Find these strings:

<userRegistries xmi:type="security:WIMUserRegistry" xmi:id="WIMUserRegistry_1" serverId="admin" serverPassword="{xor}Fhc+KzoLNzYsFTA9" realm="defaultWIMFileBasedRealm" ignoreCase="true" useRegistryServerId="false" primaryAdminId="admin" registryClassName="com.ibm.ws.wim.registry.WIMUserRegistry"/>
 
<authDataEntries xmi:id="JAASAuthData_1355405911516" alias="BPMAdmin_Auth_Alias" userId="tw_admin" password="{xor}Fhc+KzoLNzYsFTA9" description="Authentication Alias for BPM Admin"/>

Red colour marks the necessary encrypted passwords. Just for simplicity they are identical.

Let's decrypt them.

cd /<BPM_Home_folder>/lib

IBM BPM 7.5 (7.5.1.1)

/<BPM_Home_folder>/java/jre/bin/java -Djava.ext.dirs=/<BPM_Home_folder>/deploytool/itp/plugins/com.ibm.websphere.v7_7.0.3.v20110824_2356/wasJars -cp securityimpl.jar:iwsorb.jar com.ibm.ws.security.util.PasswordDecoder {xor}Fhc+KzoLNzYsFTA9
encoded password == "{xor}Fhc+KzoLNzYsFTA9", decoded password == "IHateThisJob"


IBM BPM 8.0 (8.0.1)

/<BPM_Home_folder>/java/jre/bin/java -Djava.ext.dirs=/<BPM_Home_folder>/deploytool/itp/plugins/com.ibm.websphere.v8_1.0.201.v20111031_1843/wasJars -cp securityimpl.jar:iwsorb.jar com.ibm.ws.security.util.PasswordDecoder {xor}Fhc+KzoLNzYsFTA9
encoded password == "{xor}Fhc+KzoLNzYsFTA9", decoded password == "IHateThisJob"


Also you can do the reverse action:

/<BPM_Home_folder>/java/jre/bin/java -Djava.ext.dirs=/<BPM_Home_folder>/deploytool/itp/plugins/com.ibm.websphere.v7_7.0.3.v20110824_2356/wasJars -cp securityimpl.jar:iwsorb.jar com.ibm.ws.security.util.PasswordEncoder IHateThisJob
decoded password == "IHateThisJob", encoded password == "{xor}Fhc+KzoLNzYsFTA9"

 

12 comments:

  1. Can we change the password after the app goes live ? What are the steps to change it?

    ReplyDelete
  2. Hi Lavanya,
    Yes, you can.
    I won't describe it because this way is described in IBM Information Center.
    http://pic.dhe.ibm.com/infocenter/dmndhelp/v7r5mx/index.jsp?topic=%2Fcom.ibm.wbpm.imuc.sbpm.doc%2Ftopics%2Ftchang_tw_adm_nd_pw.html
    http://pic.dhe.ibm.com/infocenter/dmndhelp/v8r0mx/index.jsp?topic=%2Fcom.ibm.wbpm.imuc.ebpmps.doc%2Ftopics%2Ftchanging_admin_password.html
    http://pic.dhe.ibm.com/infocenter/iisinfsv/v8r5/index.jsp?topic=%2Fcom.ibm.swg.im.iis.found.admin.common.doc%2Ftopics%2Fwasadmin_changing_username_pwd.html

    etc...


    Thanks for reading my blog!

    ReplyDelete
    Replies
    1. Hi, The BPM SIBus is always in partial start after cluster restarts but SIBus is not coming up with green color, that is actual issue at BPMv8501

      [6/3/14 17:36:56:672 EDT] 000000cc DataTransferS E CWLLG1031E: An exception has occurred. Error: CWSIA0241E: An exception was received during the call to the method JmsManagedConnectionFactoryImpl.createConnection: com.ibm.websphere.sib.exception.SIResourceException: CWSIT0008E: A successful connection was made to the bootstrap server at localhost:9096:BootstrapSecureMessaging but the server returned an error condition: CWSIT0088E: There are currently no messaging engines in bus BPM.DeSingle.Bus running. Additional failure information: CWSIT0103E: No messaging engine was found that matched the following parameters: bus=BPM.DeSingle.Bus, targetGroup=SingleCluster, targetType=BusMember, targetSignificance=Required, transportChain=InboundSecureMessaging, proximity=Bus..
      com.lombardisoftware.core.TeamWorksException: CWSIA0241E: An exception was received during the call to the method JmsManagedConnectionFactoryImpl.createConnection: com.ibm.websphere.sib.exception.SIResourceException: CWSIT0008E: A successful connection was made to the bootstrap server at localhost:9096:BootstrapSecureMessaging but the server returned an error condition: CWSIT0088E: There are currently no messaging engines in bus BPM.DeSingle.Bus running. Additional failure information: CWSIT0103E: No messaging engine was found that matched the following parameters: bus=BPM.DeSingle.Bus, targetGroup=SingleCluster, targetType=BusMember, targetSignificance=Required, transportChain=InboundSecureMessaging, proximity=Bus..
      at com.lombardisoftware.core.TeamWorksException.asTeamWorksException(TeamWorksException.java:136)
      at com.lombardisoftware.server.queue.RecordQueue.queue(RecordQueue.java:359)

      Delete
    2. I have tried with delete and drop options for SIB-tables on database, and restarted the deployment environment with cluster, verified the database, SIB tables are re-created in Database but still getting the same issue.

      Delete
  3. [6/3/14 17:36:56:672 EDT] 000000cc DataTransferS E CWLLG1031E: An exception has occurred. Error: CWSIA0241E: An exception was received during the call to the method JmsManagedConnectionFactoryImpl.createConnection: com.ibm.websphere.sib.exception.SIResourceException: CWSIT0008E: A successful connection was made to the bootstrap server at localhost:9096:BootstrapSecureMessaging but the server returned an error condition: CWSIT0088E: There are currently no messaging engines in bus BPM.DeSingle.Bus running. Additional failure information: CWSIT0103E: No messaging engine was found that matched the following parameters: bus=BPM.DeSingle.Bus, targetGroup=SingleCluster, targetType=BusMember, targetSignificance=Required, transportChain=InboundSecureMessaging, proximity=Bus..
    com.lombardisoftware.core.TeamWorksException: CWSIA0241E: An exception was received during the call to the method JmsManagedConnectionFactoryImpl.createConnection: com.ibm.websphere.sib.exception.SIResourceException: CWSIT0008E: A successful connection was made to the bootstrap server at localhost:9096:BootstrapSecureMessaging but the server returned an error condition: CWSIT0088E: There are currently no messaging engines in bus BPM.DeSingle.Bus running. Additional failure information: CWSIT0103E: No messaging engine was found that matched the following parameters: bus=BPM.DeSingle.Bus, targetGroup=SingleCluster, targetType=BusMember, targetSignificance=Required, transportChain=InboundSecureMessaging, proximity=Bus..
    at com.lombardisoftware.core.TeamWorksException.asTeamWorksException(TeamWorksException.java:136)
    at com.lombardisoftware.server.queue.RecordQueue.queue(RecordQueue.java:359)

    ReplyDelete
  4. I have seen this message from FFDC logs

    6/3/14 17:08:33:004 EDT] FFDC Exception:com.ibm.db2.jcc.am.SqlException SourceId:com.ibm.ws.sib.msgstore.persistence.impl.PersistentMessageStoreImpl.start ProbeId:1:204:1.47.1.52 Reporter:com.ibm.ws.sib.msgstore.persistence.impl.PersistentMessageStoreImpl@9c93f086
    com.ibm.db2.jcc.am.SqlException: DB2 SQL Error: SQLCODE=-443, SQLSTATE=38553, SQLERRMC=SYSIBM.SQLTABLES;TABLES;SYSIBM:CLI:-805, DRIVER=4.11.69
    at com.ibm.db2.jcc.am.gd.a(gd.java:679)
    at com.ibm.db2.jcc.am.gd.a(gd.java:60)
    at com.ibm.db2.jcc.am.gd.a(gd.java:127)
    at com.ibm.db2.jcc.am.jn.b(jn.java:2230)
    at com.ibm.db2.jcc.am.jn.c(jn.java:2213)
    at com.ibm.db2.jcc.t4.cb.k(cb.java:369)
    at com.ibm.db2.jcc.t4.cb.e(cb.java:97)
    at com.ibm.db2.jcc.t4.q.e(q.java:81)
    at com.ibm.db2.jcc.t4.rb.k(rb.java:160)
    at com.ibm.db2.jcc.am.jn.lb(jn.java:2179)
    at com.ibm.db2.jcc.am.kn.b(kn.java:3920)
    at com.ibm.db2.jcc.am.ln.fc(ln.java:152)
    at com.ibm.db2.jcc.am.lc.a(lc.java:7809)
    at com.ibm.db2.jcc.am.lc.Zd(lc.java:6405)
    at com.ibm.db2.jcc.am.lc.getSchemas(lc.java:6333)
    at com.ibm.ws.rsadapter.jdbc.WSJdbcDatabaseMetaData.getSchemas(WSJdbcDatabaseMetaData.java:1589)
    at com.ibm.ws.sib.msgstore.persistence.impl.DatabaseMetaDataExtensions.getSchemas(DatabaseMetaDataExtensions.java:303)
    at com.ibm.ws.sib.msgstore.persistence.impl.Table.schemaExists(Table.java:560)
    at com.ibm.ws.sib.msgstore.persistence.impl.Table.initialize(Table.java:266)
    at com.ibm.ws.sib.msgstore.persistence.impl.MEOuterOwnerTable.initialize(MEOuterOwnerTable.java:80)
    at com.ibm.ws.sib.msgstore.persistence.impl.TableManager$1.run(TableManager.java:263)
    at com.ibm.ws.sib.msgstore.persistence.impl.DatasourceController.performFirstAction(DatasourceController.java:231)
    at com.ibm.ws.sib.msgstore.persistence.impl.TableManager.initialize(TableManager.java:248)
    at com.ibm.ws.sib.msgstore.persistence.impl.PersistentMessageStoreImpl.start(PersistentMessageStoreImpl.java:198)
    at com.ibm.ws.sib.msgstore.impl.MessageStoreImpl.start(MessageStoreImpl.java:1569)
    at com.ibm.ws.sib.admin.impl.JsMessagingEngineImpl.start(JsMessagingEngineImpl.java:638)
    at com.ibm.ws.sib.admin.impl.HAManagerMessagingEngineImpl.conditionalStart(HAManagerMessagingEngineImpl.java:2338)
    at com.ibm.ws.sib.admin.impl.HAManagerMessagingEngineImpl.activate(HAManagerMessagingEngineImpl.java:1334)
    at com.ibm.ws.sib.admin.impl.JsActivationThread.run(JsActivationThread.java:94)

    ==> Performing default dump from com.ibm.ws.sib.utils.ffdc.SibDiagnosticModule :Tue Jun 03 17:08:33 EDT 2014
    SIB FFDC dump for::com.ibm.db2.jcc.am.SqlException: DB2 SQL Error: SQLCODE=-443, SQLSTATE=38553, SQLERRMC=SYSIBM.SQLTABLES;TABLES;SYSIBM:CLI:-805, DRIVER=4.11.69
    Platform Messaging :: Messaging engine::[BPM.DeSingle.Bus:SingleCluster.000-BPM.DeSingle.Bus]
    Platform Messaging :: Release name: :WAS855.SIB
    Platform Messaging :: Level name: :cf021409.0

    ReplyDelete
  5. Hi,
    Looking on your last post I think you have a trouble with your database. Have you update your DB recently? I had the same error after some update. You need to bind your DB before using it.
    Please read this link and try.
    http://www-01.ibm.com/support/docview.wss?uid=swg21369762
    Good luck.

    ReplyDelete
  6. Yes, I have updated the db2 database sever v10.0 with fixpack-2 ...!!!

    ReplyDelete
  7. I have tried but it got failed with 3 errors fro grants

    FYI

    C:\Users\db2admin>db2 bind db2schema.bnd blocking all grant public

    LINE MESSAGES FOR db2schema.bnd
    ------ --------------------------------------------------------------------
    SQL0061W The binder is in progress.
    SQL0031C File "C:\Users\db2admin\db2schema.bnd" could not be
    opened.
    SQL0082C An error has occurred which has terminated
    processing.
    SQL0092N No package was created because of previous errors.
    SQL0091N Binding was ended with "3" errors and "0" warnings.

    C:\Users\db2admin>

    ReplyDelete
    Replies
    1. You use the incorrect folder: this file is in C:\Program Files\IBM\SQLLIB\bnd

      Delete
  8. Do you have any cross cell configration between bpm and websphere business monitor server??

    ReplyDelete
    Replies
    1. Yes, I did it. Look at http://www-01.ibm.com/support/docview.wss?uid=swg27041520

      Delete