Sie sind auf Seite 1von 3

Weblogic Trouble shooting Guide:

Changing pwd of admin server:


1)
2)
3)
4)
5)

First bring down the server


Remove the DefaultAuthenticatorInit.ldift(move to DefaultAuthenticatorInit.ldift.old)
Remove the ldap folder under the servers/admin/data
Change the username pwd in boot.properties file(if exisits) to the new pwd
Run the below command under DOMAIN_HOME/security

/opt/app/bea/wls92mp2/jdk150_10/bin/java -cp /opt/app/bea/wls92mp2/weblogic92/server/lib/weblogic.jar


weblogic.security.utils.AdminAccount weblogic admin .
The above command recreates the DefaultAuthenticatorInit.ldift
6) Start the admin server.

For Encrypting a particluar string into desc3 :


java -Dweblogic.RootDirectory="/home/kk595p/classick_domain" -cp
"/opt/app/bea/wls92mp2/weblogic92/server/lib/weblogic.jar" weblogic.security.Encrypt
Above command will promt for the pwd
{3DES}tT3tRIZjdpFMDNfWTWjmGg==

For creation of new serializesystemini.dat and filerealm.propertries file


/opt/app/bea/wls92mp2/jdk150_10/bin/java -cp /opt/app/bea/wls92mp2/weblogic92/server/lib/weblogic.jar
weblogic.security.acl.internal.FileRealm fileRealm.properties SerializedSystemIni.dat

Page 1 of 3

How To Recover SerializedSystemIni.Dat When It Gets Corrupted :


NOTE: this is only for domain in development mode
Please do the following steps in order to recover SerializedSystemIni.dat file:
Go to DOMAIN_HOME/config
Open the config.xml file and remove any encrypted sections from the <credential-encrypted> attributes.
Replace its content with
Save the file.
Go to DOMAIN_HOME/servers/AdminServer/security
Remove the boot.properties file if exists.
Go to DOMAIN_HOME/security
Remove SerializedSystemInit.dat
Go to DOMAIN_HOME/
Rename the fileRealm.properties to fileRealm.properties.src
Open fileRealm.properties.src
Change all the hashed passwords (encrypted passwords) to clear text passwords.
For example:
user.system=0xa078cb45e6f6c4eefdd1f14495ff739b5536904c to user.system=Weblogicdomainpwd
13. Ensure to use the same password that was set to the domain.
14. Save the file.
15. Open a terminal and go to DOMAIN_HOME/bin
16. Execute setDomainEnv.sh
17. Then execute (in the same open terminal) the following script:
java weblogic.security.acl.internal.FileRealm fileRealm.properties SerializedSystemIni.dat

Save the script.


20. Start Weblogic with startWeblogic.sh or startWeblogic.cmd
21. Enter the user and password

Page 2 of 3

NOTE: In PRODUCTION MODE


Create a new domain with same username and pwd
1) Copy the filerealm.property file and serializeSystemIni.dat from the new domain to the corrupted domain.
2) Copy the credential-encrypted from the new domain config.xml to corrupted domain
<default-realm>myrealm</default-realm>
<credentialencrypted>{3DES}eVdL/vdCCg4+mJqYwti/N+00gXi9D+aqTix1CPYs8ygKIKPL2XIys6XpYdDK2bGwH
XJs6SRnDjaSMJ8pxQ86dJj9y/F0Vc4l</credential-encrypted>
<name>classick_domain</name>
<credential-encrypted>{3DES}xFmVkykT5x0ZkvCvud9TT/N6mkc3iErGLXXoMtCS4TU=</credentialencrypted>
3) Copy the node manager username from new domain to corrupted domain
4) encrypt each des3 encrypted pwd in all the places with the below command
Ex: jdbc passwords and others
For ecrypting a particluar string into desc3
java -Dweblogic.RootDirectory="/home/kk595p/classick_domain" -cp
"/opt/app/bea/wls92mp2/weblogic92/server/lib/weblogic.jar" weblogic.security.Encrypt
When you run the above command . it will promt for a pwd . When you enter plain text pwd , it will
sencrypt the same .

5) After changes all the des3 pwd . Start the admin,manage servers .
NOTE: The above scenario is tested without JMS . Yet to check with that

Page 3 of 3