In OBIEE 10g, If you forgot the repository (RPD) password, we can easily get it with simple configuration change (AUTHENTICATION_TYPE = BYPASS_NQS) in NQSConfig.ini file.This was a security breach in OBI 10g versions and it didn’t have had fix for it. But it is a very dangerous security breach. If anyone gets the production RPD, he can simply bypass the rpd security and can deploy it to see the valuable data. As the OBI rpd doesn’t require someone to know the production Database password, the information theft is quite possible.
So unlike OBIEE 10G, The newer OBIEE 11G has a very tight security i.e. TWO level key authentication to open a RPD in online mode and one key (RPD password) in offline mode. Either of the modes cannot open the repository with some configuration changes. So be careful if you want to reuse the OBI repository, make sure that you have memorized the RPD password. There is NO any reset process.
But however, you can get a password for an already deployed RPD. With the help of wlst script, you can get the forgotten OBI Repository password that is deployed earlier.
To know forgotten OBIEE11G Repository (RPD) password:
Login to weblogic EM (http://localhost:7001/em) and navigate to credentials store page.
Expand the key map: oracle.bi.enterprise. This is the key map which stores all the repository passwords that are deployed.
I would like to show you how to know the forgotten password of a deployed repository.From the list, to get the password of “SampleAppLite_BI0019” repository, follow these steps:
Open command prompt
C:\Users\asif>cd C:\Oracle\Middleware\oracle_common\common\bin
C:\Oracle\Middleware\oracle_common\common\bin>wlst.cmd
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
wls:/offline> connect("weblogic","weblogic$123","localhost:7001")
Connecting to t3://localhost:7001 with userid weblogic ...
Successfully connected to Admin Server 'AdminServer' that belongs to domain 'bifoundation_domain'.
Warning: An insecure protocol was used to connect to the
server. To ensure on-the-wire security, the SSL port or
Admin port should be used instead.
wls:/bifoundation_domain/serverConfig> listCred("oracle.bi.enterprise","repository.SampleAppLite_BI0019")
Location changed to domainRuntime tree. This is a read-only tree with DomainMBean as the root.
For more help, use help(domainRuntime)
[Name : tempvalue, Description : null, expiry Date : null]
PASSWORD:Admin123
wls:/bifoundation_domain/serverConfig>
Hope this help you :)
So unlike OBIEE 10G, The newer OBIEE 11G has a very tight security i.e. TWO level key authentication to open a RPD in online mode and one key (RPD password) in offline mode. Either of the modes cannot open the repository with some configuration changes. So be careful if you want to reuse the OBI repository, make sure that you have memorized the RPD password. There is NO any reset process.
But however, you can get a password for an already deployed RPD. With the help of wlst script, you can get the forgotten OBI Repository password that is deployed earlier.
To know forgotten OBIEE11G Repository (RPD) password:
Login to weblogic EM (http://localhost:7001/em) and navigate to credentials store page.
I would like to show you how to know the forgotten password of a deployed repository.From the list, to get the password of “SampleAppLite_BI0019” repository, follow these steps:
Open command prompt
C:\Users\asif>cd C:\Oracle\Middleware\oracle_common\common\bin
C:\Oracle\Middleware\oracle_common\common\bin>wlst.cmd
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
wls:/offline> connect("weblogic","weblogic$123","localhost:7001")
Connecting to t3://localhost:7001 with userid weblogic ...
Successfully connected to Admin Server 'AdminServer' that belongs to domain 'bifoundation_domain'.
Warning: An insecure protocol was used to connect to the
server. To ensure on-the-wire security, the SSL port or
Admin port should be used instead.
wls:/bifoundation_domain/serverConfig> listCred("oracle.bi.enterprise","repository.SampleAppLite_BI0019")
Location changed to domainRuntime tree. This is a read-only tree with DomainMBean as the root.
For more help, use help(domainRuntime)
[Name : tempvalue, Description : null, expiry Date : null]
PASSWORD:Admin123
wls:/bifoundation_domain/serverConfig>
Hope this help you :)
Hi .
ReplyDeleteI am getting ListCred Name error while running..
second step.....listCred..
I am trying this on Windows machine, where my ODI server reside onn AIX.
please help.
I got forgot password for my rpd.. Thanks pathan..
ReplyDeleteThis works only for versions below 11.1.1.7
ReplyDelete