Recover and Reset Weblogic Admin Password

If you ever forgot the Admin password, this is a safe and easy way to recover it without
decrypting or hacking any WLS file.

For this, we'll just use WLS own tools to log on to Admin Console and reset the Admin
Password.

For this example we will use a standard WLS 10.3.5 domain, located at:
C:\bea\wls\user_projects\domains\base_domain.

This will be referred as DOMAIN_HOME from now on.

1) First of all make sure the Admin Server is stopped.

2) Open a command prompt and go to you DOMAIN_HOME/bin directory

(C:\bea\wls\user_projects\domains\base_domain\bin)

3) Run setDomainEnv.sh(cmd)

4) Run the following command (without the quotes): "java

weblogic.security.utils.AdminAccount NewAdminUser NewAdminPassword ."
Note 1: the dot (".") at the end of the command, is necessary to run the command in the
current location.

Note 2: NewAdminUser and NewAdminPassword are the user and password we are
using to create a temporary AdminUser to log on to WLS.

In this example we used "TempAdmin" for username and "TempPass123" for password.

5) The command will create a file called "DefaultAuthenticatorInit.ldift" in the current

directory.

6) Go to DOMAIN_HOME\security and rename the old "DefaultAuthenticatorInit.ldift",

for precaution, to something like "DefaultAuthenticatorInit.ldift.bkp".

7) Copy the recently created "DefaultAuthenticatorInit.ldift" to DOMAIN_HOME\security

8) Edit the boot.properties located at DOMAIN_HOME\servers\AdminServer\security

and give the values used for user/password in the step 4.

The original values should be a encrypted string, just enter the values as plain text.

For example:

password=TempAdmin
username=TempPass123

9) Delete the file named "DefaultAuthenticatormyrealmInit.initialized" located in

DOMAIN_HOME\servers\AdminServer\data\ldap

10) Go back to your DOMAIN_HOME and start the server with the following command
(without the quotes): "java weblogic.Server"

11) Once the server comes in RUNNING state, shut it down again and restart it with
startWeblogic.sh(cmd)

12) After the server comes up again, log in to Admin Console with the user/pass created
in step 4

13) Go to Security Realms > myrealm > Users and Groups

14) Here you can select your default WLS Admin user (in my case, weblogic) and
change his password.

15) To change it, select the user and go to "passwords" tab, provide the new password
and save it.
16) After that you can restart your server and edit the boot.properties again to use your
new admin user password and then delete the temporary user created for this purpose.