KBEC-00030 - Resetting the admin user's password - even if the current password is not known

Description

You might want to reset the admin password for a number of reasons:

  • After installing ElectricCommander, you want to lock-down the system. Changing the admin password is the first task to accomplish system lock-down.
  • The admin user password may be lost.
  • An employee who knows the admin password has left the company, and it is a standard security policy to change all admin passwords for all accessible systems.

Solution

Three scenarios with a different solution for each:

The current admin password is known

  1. Log in as admin
  2. Go to the Administration tab > Users subtab
  3. Edit the admin user
  4. Enter the current and new passwords

A non-admin user has modify privileges on the admin user object

  1. Log in as that user
  2. Go to the Administration tab > Users subtab
  3. Edit the admin user
  4. Enter the logged-in user's password
  5. Enter the new admin password

The ACL inheritance hierarchy for users is Server -> Directory -> User. Typically, one or more users/groups have the modify privilege on the Server, so those users/groups can modify the admin user.

No user has modify privileges on the admin user

  1. Shut down the ElectricCommander server
  2. Log into the database directly and delete the admin user
    For example, in MySQL:
    mysql -D commander -u root -pcommander -e "delete from ec_user where name = 'admin'"
  3. Restart the ElectricCommander server. The admin user is recreated with the default password 'changeme'.
Have more questions? Submit a request

Comments

Powered by Zendesk