Forgot the admin password to one of your domains?
Don't panic! There is a chance you may recover it from your domain's config.xml.
Administrator's password is encrypted using one-way SHA algorithm, and cannot be decrypted without enormous computational power. Luckily, when a domain is created, the nodemanager's default password is made equal to administrator's one. Nodemanager's password is encrypted with 3DES or AES, and can be decrypted.
Recover passwords for your domain
Upload the security/SerializedSystemIni.dat file from your domain along with config/config.xml. All passwords in config.xml file will be decrypted and shown to you in clear text. Nodemanager's password is likely matches your administrator's password (unless it was changed later).
You may also decrypt passwords for JDBC datasources, JMS bridge endpoints or in boot.properties file.
Security Note
No decrypted passwords are saved anywhere on this server! They are erased from memory the moment you get them.
Why I built this service?
My team has more than 20 domains in use, and forgotten passwords problem often infuriates me. First I wrote a simple command-line utility to do the recovery, and later, seeing a large number of requests online, made it a public service.
No comments:
Post a Comment