This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How do you change the SSPR Configuration Password?

I am wondering how I should go about resetting my SSPR's Configuration Password? In the NetIQ documentation it states the following:


https://www.netiq.com/documentation/self-service-password-reset-41/adminguide/data/t41s08bvnwez.html
"During the Self Service Password Reset installation, you specify a Configuration Password. Self Service Password Reset requires the Configuration Password prior to any modifications of its configuration. In the unlocked configuration mode, it is possible to delete the current Self Service Password Reset configuration, and then reconfigure Self Service Password Reset as if it is a new installation, including specifying a new Configuration Password."

Can I just reset the password without deleting the entire configuration? That seems a bit dramatic.
  • 0
    I think this is what you are looking for https://www.novell.com/support/kb/doc.php?id=7014954:

    For SSPR was installed in Windows or Linux, do the following:


    Edit the SSPRConfiguration.xml file found in the Tomcat directory under webapps/SSPR/WEB-INF
    and then restart the SSPR service.


    Edit the SSPRConfiguration.xml as follows:



    [INDENT]Set "configIsEditable" to true. It should look like this:



    <property key="configIsEditable">true</property>




    Delete the property "configPasswordHash"

    <property key="configPasswordHash">

    [/INDENT]
  • 0 in reply to 
    joakim_ganse;2481263 wrote:
    I think this is what you are looking for https://www.novell.com/support/kb/doc.php?id=7014954:

    For SSPR was installed in Windows or Linux, do the following:


    Edit the SSPRConfiguration.xml file found in the Tomcat directory under webapps/SSPR/WEB-INF
    and then restart the SSPR service.


    Edit the SSPRConfiguration.xml as follows:



    [INDENT]Set "configIsEditable" to true. It should look like this:



    <property key="configIsEditable">true</property>




    Delete the property "configPasswordHash"

    <property key="configPasswordHash">

    [/INDENT]


    So what happens once that value is deleted, does SSPR prompt to set a new Configuration Password?
  • 0 in reply to 
    If I remember correctly, Yes.
  • 0 in reply to 

    Sadly this does not work anymore:

    config file does not have a configuration password { 5203 CONFIG_FORMAT_ERROR (config file does not have a configuration password) fields: [config file does not have a configuration password] }

    I had a look into the hash itself, thought I could simply generate a new one but...

    Hash is something like: "$2a$10$ksh98uoijlkj..." So it is a bcrypt hash with 2^10 costs (https://en.wikipedia.org/wiki/Bcrypt#Description)

    You can generate one by using

    htpasswd -nBC10 ""

    But the only password that worked for me was "foobar" which isn't very secure, eh? On any other passwords I got "password wrong" message on SSPR configuration editor.

    So, at the end of the day I was unable to change the SSPR Configuration Password

  • 0 in reply to 

    Copy the hash from another instance where you know the password. It worked for me.