You are on page 1of 5


Document 1096427.1

Reset the WebLogic EPMSystem Domain admin epm_admin Password Without Knowing the Password (Doc ID 1096427.1)
Modified: 20-Dec-2013 Type: REFERENCE

In this Document Purpose Scope Details References

Hyperion Planning - Version to [Release 11.1] Generic UNIX

The purpose of this article is to allow you "the Hyperion EPM 11.1.2 admin" a way to reset the WebLogic epm_admin user's password without having a way to login to the WebLogic EPMSystem domain as an administrator.

This article is intended for Hyperion EPM 11.1.2 system administrators with: A strong understanding of the Hyperion EPM 11.1.2 system architecture A basic understanding of WebLogic A basic administrators understanding of Unix operating systems

You just installed EPM 11.1.2 and you did not write down the Weblogic Domain admin password, or you've had it installed for awhile and can't remember what the password is to get into the WebLogic Admin console to make a change. This article is going to help you do that so you can get on with your business. In order to perform this task you'll need to know what the DOMAIN_HOME location is. Within these steps we'll refer to the DOMAIN_HOME as a variable. Unix Variable references begin with a '$' dollar sign. Unix Systems The DOMAIN_HOME on unix servers by default will exist under the installing users $HOME directory. In this example the user hypadmin has it's $HOME directory here /export/home/hypadmin Example DOMAIN_HOME=/export/home/hypadmin/Oracle/Middleware/user_projects/domains/EPMSystem Note: Ensure all Managed Servers are shutdown before performing this task

1. Open a shell to the Unix server where EPM 11.1.2 is installed and set the DOMAIN_HOME variable



Document 1096427.1

DOMAIN_HOME=$HOME/Oracle/Middleware/user_projects/domains/EPMSystem 2. Change directory to $DOMAIN_HOME/bin

c d$ D O M A I N _ H O M E / b i n

3. Source the script so we can get all the WebLogic variables set correctly
.s e t D o m a i n E n v . s h

4. Now change directory to $DOMAIN_HOME/security

c d$ D O M A I N _ H O M E / s e c u r i t y

5. Move the DefaultAuthenticatorInit.ldift to a backup file

m vD e f a u l t A u t h e n t i c a t o r I n i t . l d i f tD e f a u l t A u t h e n t i c a t o r I n i t _ o l d . l d i f t

6. Run the following java command to generate a new DefaultAuthenticatorInit.ldift within the security directory
j a v aw e b l o g i c . s e c u r i t y . u t i l s . A d m i n A c c o u n tn e w u s e rn e w p a s s w o r d.

This will create a new user with the assigned password. Replace newuser and newpassword with a user and password of your choosing. Ensure the password is a minimum of 8 characters and contains at least one numeric character. 7. Change directory to $DOMAIN_HOME/servers/AdminServer/security cd $DOMAIN_HOME/servers/AdminServer/security/ 8. Edit the file using a file editor of your choosing. Replace newpassword and newusername with the user and password you defined in step 6.
p a s s w o r d = n e w p a s s w o r d u s e r n a m e = n e w u s e r n a m e

The will get encrypted once the admin server starts up 9. Rename or remove directory $DOMAIN_HOME/servers/AdminServer/data/ldap as it will get recreated once the WebLogic Admin server starts. This step is going to remove any WebLogic users that currently exist in the WebLogic domain. In step 15 we will add epm_admin back into the WebLogic console.
r e n a m e$ D O M A I N _ H O M E / s e r v e r s / A d m i n S e r v e r / d a t a / l d a p $ D O M A I N _ H O M E / s e r v e r s / A d m i n S e r v e r / d a t a / l d a p _ o l d

10. Change directory to $DOMAIN_HOME/bin and start the Weblogic Admin Server
s t a r t W e b L o g i c . s h

11. Open a browser and navigate to the WebLogic Domain console for the EPMSystem domain http://wl_admin_server_hostname:7001/console/login/LoginForm.jsp Login with the newuser and newpassword you defined in step 6 2/5


Document 1096427.1

12. In the left hand window under Domain Structure click the Security Realms link

13. Select the myrealm link

14. Select the Users and Groups tab

15. Click the New button to add the epm_admin user

a. Fill out the 'New' user form making note of the new password you set for the epm_admin user, you'll need this later. Click the 'Save' button



Document 1096427.1

b. Click the epm_admin link to go back in and add groups

c. select the Groups tab and move the Administrators group over to the Choosen column then click the 'Save' button



Document 1096427.1

16. Logout of the WebLogic console and login as the epm_admin user with the new password to ensure the change has been made. 17. At this point you've created the epm_admin user to start the WebLogic console and all the managed servers. If you decide to remove the user you used to get into WebLogic be warned that you won't be able to start the Weblogic console until you perform the steps back in step 8. Replace the user with 'epm_admin' and the password with the epm_admin password you set in step 15a. 18. Now that you've changed the password for your WebLogic admin user you should propagate the newly updated AdminServers boot .properties file to all the Managed Servers within the domain. 19. Follow the Solution in Document 1178033.1 to ensure the new LDAP data is propagated to all Managed Servers at boot up. Copy the file from from EPMSystem/servers/AdminServer/security directory to all the other Managed Servers security directory within the entire EPMSystem domain including any remote servers.

NOTE:1178033.1 - After Resetting the Administrative Username and Password, Users Get an Error on the Managed Servers When Starting Up