Alfresco admin password lost - self hosted alfresco community edition

Question

Alfresco administrator password lost, it doesn't belong to the LDAP server, and even if i update the password of the admin user that i could find in the database, it doesn't not work correctly. Anyone got any idea how to solve this? Thank you

I tried changing the password in the database, in alfresco-global.properties, none works.

The alfresco version is the community edition (an old one, 4.2)

score 0 · Answer 1 · answered May 28 '23 at 10:20

0

If you change the password in the database, in alfresco-global.users, it works.

answered May 28 '23 at 10:20

Johanna Platter

13
4

I tried in alfresco-global.properties but it didn't work , would you please suggest me the right way to do it ? maybe i did it wrong – Mustapha Ghannouchi May 28 '23 at 10:23
To be precise , the installation of alfresco is kinda weird , the project structure and the way to start the project isn't anything that i could find online – Mustapha Ghannouchi May 28 '23 at 10:24
alfresco-global.users, not alfresco-global.properties – Johanna Platter May 28 '23 at 10:26
Is this a table in the database ? if it is i can't find it in my database – Mustapha Ghannouchi May 28 '23 at 10:28
Yes, there is this table. – Johanna Platter May 28 '23 at 10:30
alfresco=# select * from alfresco-global.users; ERROR: syntax error at or near "-" LINE 1: select * from alfresco-global.users; – Mustapha Ghannouchi May 28 '23 at 10:34
there is no table users in the alfresco default db scheme. Maybe johanna has a customization using a custom table. By default admin's password hash is stored in a node property `usr:passwordHash` of a node with PATH `/sys:system/sys:people/usr:admin` you need alfrescoNtlm authentication subsystem configured in your auth chain to use that password for the user `admin` – Heiko Robert Jun 02 '23 at 14:44

score 0 · Accepted Answer · answered May 30 '23 at 15:44

In Alfresco 3.x-5.0, the internal users passwords are stored as md5 hashes in the db (In Alfresco > 5.0 the hash algorithm is flexible and the table structre changed).

e.g. to get the password has for the user admin:

SELECT anp1.node_id,
       anp1.qname_id,       
       anp1.string_value       
FROM alf_node_properties anp1  
   INNER JOIN alf_qname aq1 ON aq1.id = anp1.qname_id   
   INNER JOIN alf_node_properties anp2 ON anp2.node_id = anp1.node_id    
   INNER JOIN alf_qname aq2 ON aq2.id = anp2.qname_id                    
WHERE aq1.local_name = 'password'
AND aq2.local_name = 'username'
AND anp2.string_value = 'admin'
+---------+----------+----------------------------------+
| node_id | qname_id | string_value |                     
+---------+----------+----------------------------------+
| 4 | 10 | 209c6174da490caeb422f3fa5a7ae634 |                
+---------+----------+----------------------------------+
1 row in set (0.00 sec)

to update the passwort to the password admin you could set the hash 209c6174da490caeb422f3fa5a7ae634. Depending on the ids you got back from the previous query the update sql could look like:

update alf_node_properties
set string_value='209c6174da490caeb422f3fa5a7ae634'
where node_id=4 and qname_id=10;

You would need to restart Alfresco to take effect your change.

There is no way to change the admin password for an existing Alfresco Repository in alfresco-global.properties. The property alfresco_user_store.adminpassword is only to define the admin password for a new repository. If you know the password of any existing user in Alfresco you could define that user temporarily as the admin:

alfresco_user_store.adminusername=username

Actually that's exactly what i did , but even when i changed that password in the database , i still couldn't connect using the admin/admin user and pass and that's what i couldn't understand tbh , Throug alfresco gui , i added a user to the group ALFRESCO_ADMINISTRATOR but i couldn't login to share using those credentials — Mustapha Ghannouchi, May 31 '23 at 16:08
how does your authentication.chain look like? put alfrescoNtlm1:alfrescoNtlm in the first postion. — Heiko Robert, Jun 02 '23 at 08:25
Right now it only contains ldap1:ldap , i'll try with alfrescoNtlm1:alfrescoNtlm and see if it works — Mustapha Ghannouchi, Jun 02 '23 at 09:52
the approach I described definitely works. If you only have ldap in the chain, don't be surprised that you can't log in against the internal DB. Possibly the admin is locked? If you have a working LDAP, you can define a LDAP user as admin and then check the `admin` user in the node-browser. — Heiko Robert, Jun 02 '23 at 14:34

Alfresco admin password lost - self hosted alfresco community edition

2 Answers2