You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ofbiz.apache.org by Torsten Schlabach <ts...@gmx.net> on 2007/03/12 15:21:24 UTC
Recover lost admin password
Hi!
I have an OFBiz installation where someone changed the standard password
of admin / ofbiz to something else, but it got lost. There are other
users in the system, but none of them has sufficient privilegdes to
reset the password for admin.
Is there a simple way of fixing this?
Regards,
Torsten
Re: Recover lost admin password
Posted by Richard Fleming <ri...@thebva.com>.
You can also sign in to the ecommerce app and have it email you a new password.
Another reason to hold usernames of admin and such close to the chest.
Rick
"David E. Jones" <jo...@hotwaxmedia.com> wrote:
On Mar 12, 2007, at 9:45 AM, Walter Vaughan wrote:
> "Madmax" and "bigal" are a little disconcerting backdoor parties.
I'm not sure what you mean by this. I took a peek at their settings
and they look pretty safe to me, and are just users that are part of
the blog demo data. I would prefer it if more generic names and such
were used, like the DemoCustomer and other similar accounts, but I'm
not sure how they would be "backdoor" users.
-David
Re: Recover lost admin password
Posted by "David E. Jones" <jo...@hotwaxmedia.com>.
On Mar 12, 2007, at 9:45 AM, Walter Vaughan wrote:
> "Madmax" and "bigal" are a little disconcerting backdoor parties.
I'm not sure what you mean by this. I took a peek at their settings
and they look pretty safe to me, and are just users that are part of
the blog demo data. I would prefer it if more generic names and such
were used, like the DemoCustomer and other similar accounts, but I'm
not sure how they would be "backdoor" users.
-David
Re: Recover lost admin password
Posted by Walter Vaughan <wv...@steelerubber.com>.
Jacques Le Roux wrote:
> Torsten, all,
>
> FYI, beware to not stay with default logins and passwords in production
> sites. This for obvious security reasons. Please see recommendations in
> http://tinyurl.com/yuldmy.
The following users all have "ofbiz" as password. "Madmax" and "bigal" are a
little disconcerting backdoor parties. YMMV. This is a ofBiz/OpenTaps box that
only has demo data installed users.
"admin"
"system"
"flexadmin"
"demoadmin"
"ltdadmin"
"bizadmin"
"blog_author"
"madmax"
"supplier"
"DemoBuyer"
"DemoRepAll"
"DemoRepStore"
"DemoCustCompany"
"DemoCustAgent"
"DemoCustomer"
"blog_admin"
"blog_editor"
"blog_user"
"bigal"
"blog_guest"
--
Walter
Re: Recover lost admin password
Posted by Jacques Le Roux <ja...@les7arts.com>.
Torsten, all,
FYI, beware to not stay with default logins and passwords in production
sites. This for obvious security reasons. Please see recommendations in
http://tinyurl.com/yuldmy.
Thanks to TinyUrl Creator https://addons.mozilla.org/mozilla/126/ I was
able to create this tiny URL with an anchor :o)
Jacques
> Hi Torsten,
> There is one more user with flexadmin and ofbiz we can login
and
> change the admin password getting into party manger.
> regards
> Phani
>
>
> On 3/12/07, Torsten Schlabach <ts...@gmx.net> wrote:
> >
> > Hi!
> >
> > I have an OFBiz installation where someone changed the standard
password
> > of admin / ofbiz to something else, but it got lost. There are other
> > users in the system, but none of them has sufficient privilegdes to
> > reset the password for admin.
> >
> > Is there a simple way of fixing this?
> >
> > Regards,
> > Torsten
> >
>
>
>
> --
> G.Venkata Phanindra
> Mob:: 9849852989
>
Re: Recover lost admin password
Posted by Torsten Schlabach <ts...@gmx.net>.
That helped, thank you.
Any yes, it's a reminder to close all that backdoors on a productive system.
Isn't there something like a test suite which would check for all of this?
Regards,
Torsten
G.Venkata Phanindra schrieb:
> Hi Torsten,
> There is one more user with flexadmin and ofbiz we can login and
> change the admin password getting into party manger.
> regards
> Phani
>
>
> On 3/12/07, Torsten Schlabach <ts...@gmx.net> wrote:
>
>>
>> Hi!
>>
>> I have an OFBiz installation where someone changed the standard password
>> of admin / ofbiz to something else, but it got lost. There are other
>> users in the system, but none of them has sufficient privilegdes to
>> reset the password for admin.
>>
>> Is there a simple way of fixing this?
>>
>> Regards,
>> Torsten
>>
>
>
>
Re: Recover lost admin password
Posted by Andrew Sykes <an...@sykesdevelopment.com>.
Torsten
You could write a Selenium test and add it to the Selenium patch ;-)
https://issues.apache.org/jira/browse/OFBIZ-680
- Andrew
On Mon, 2007-03-12 at 20:35 +0100, Torsten Schlabach wrote:
> That helped, thank you.
>
> Any yes, it's a reminder to close all that backdoors on a productive system.
>
> Isn't there something like a test suite which would check for all of this?
>
> Regards,
> Torsten
>
> G.Venkata Phanindra schrieb:
> > Hi Torsten,
> > There is one more user with flexadmin and ofbiz we can login and
> > change the admin password getting into party manger.
> > regards
> > Phani
> >
> >
> > On 3/12/07, Torsten Schlabach <ts...@gmx.net> wrote:
> >
> >>
> >> Hi!
> >>
> >> I have an OFBiz installation where someone changed the standard password
> >> of admin / ofbiz to something else, but it got lost. There are other
> >> users in the system, but none of them has sufficient privilegdes to
> >> reset the password for admin.
> >>
> >> Is there a simple way of fixing this?
> >>
> >> Regards,
> >> Torsten
> >>
> >
> >
> >
--
Kind Regards
Andrew Sykes <an...@sykesdevelopment.com>
Sykes Development Ltd
http://www.sykesdevelopment.com
Re: Recover lost admin password
Posted by "G.Venkata Phanindra" <ph...@gmail.com>.
Hi Torsten,
There is one more user with flexadmin and ofbiz we can login and
change the admin password getting into party manger.
regards
Phani
On 3/12/07, Torsten Schlabach <ts...@gmx.net> wrote:
>
> Hi!
>
> I have an OFBiz installation where someone changed the standard password
> of admin / ofbiz to something else, but it got lost. There are other
> users in the system, but none of them has sufficient privilegdes to
> reset the password for admin.
>
> Is there a simple way of fixing this?
>
> Regards,
> Torsten
>
--
G.Venkata Phanindra
Mob:: 9849852989
Re: Recover lost admin password
Posted by Walter Vaughan <wv...@steelerubber.com>.
Torsten Schlabach wrote:
> I have an OFBiz installation where someone changed the standard password
> of admin / ofbiz to something else, but it got lost. There are other
> users in the system, but none of them has sufficient privilegdes to
> reset the password for admin.
>
> Is there a simple way of fixing this?
>
If you have write access to the database and especially the user_login table,
you can paste in a known value in the current_password column from a known
user/password combination.
--
Walter
Re: Recover lost admin password
Posted by Chris Howe <cj...@yahoo.com>.
Do you have access to the entity maintenance in webtools or to
database? If so, change UserLogin.password to the encrypted value of a
known password. This is one of many good reasons not to share user
login information.
--- Torsten Schlabach <ts...@gmx.net> wrote:
> Hi!
>
> I have an OFBiz installation where someone changed the standard
> password
> of admin / ofbiz to something else, but it got lost. There are other
> users in the system, but none of them has sufficient privilegdes to
> reset the password for admin.
>
> Is there a simple way of fixing this?
>
> Regards,
> Torsten
>