Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to resolve Crowd's Adminsitrator password and/or repair a whole Atlassian Application farm?

Kevin Kirchhof
Kevin Kirchhof May 1, 2018

Hey everyone,

 

me again. :( I have again trouble since I' ve installed Crowd (of course on a production system so that I cannot roleback an backup). Since I have installed Crowd, I was not able to login to any other Atlassian applicaiton though configuration as described in related articles form Atlassian documentation. 

Recently I tried to solve all my issues again an tried to initially log in to Crowd, but that didn't work as well. So I figured out the guide to rest the administrators password of Crowd from Atlassian documentation and executed the several SQL statements in Crowd's external database (a mySQL instance). But afterwards I am still not able to login (but now with the replaced passord for the selected security egnine).

 

Please can anyone suggest a guide to me how to "reset" the password of Crowd's administrator accordingly, so that I can logon to at least Crowd again. I am just a step before to reset the wohle application farm and reinstalle ach application because of this horrible authorization issues. Since Crowd is sintalled nothin works anymore; and the whole software dev lifecycle is blocked. :(

 

Thanks in advance and best regards,

Kevin

Answer
Watch
Like Be the first to like this
941 views

1 answer

1 accepted

0 votes
Answer accepted
Gaurav
Gaurav
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 1, 2018

Hey Kevin, 

I think you can change admin password directly by following the steps listed here instead of resetting it.

Cheers!

Gaurav

View More Comments
Kevin Kirchhof
Kevin Kirchhof May 1, 2018

Hi Gaurav,

 

thanks for youre answer. Actually I followed this steps, but unfortunately thex didn't work. Currently I try to update my crowd from 3.1 to 3.2 and resetting the settings I made in my old instance. I hope that will work. :)

 

Cheers,

Kevin

Like
Gaurav
Gaurav
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 1, 2018

Hi Kevin,

Can you verify the value of these attributes once again?

update cwd_user set credential = '{PKCS5S2}8WEZjkCbLWysbcbZ5PRgMbdJgJOhkzRT3y1jxOqke2z1Zr79q8ypugFQEYaMoIZt'
 where id=<id from Stage 1>;

update cwd_user_attribute set attribute_value = 'false', attribute_lower_value = 'false'
 where attribute_name = 'requiresPasswordChange' and user_id=<id from Stage 1>;
 
update cwd_user_attribute set attribute_value = '0', attribute_lower_value = '0'
 where attribute_name = 'invalidPasswordAttempts' and user_id=<id from Stage1>;

Ideally, these SQL statements should set the admin password, given that an 'admin' account exists in the internal directory.

To verify the existence of admin account, you should hit this query

select u.id, u.user_name, u.directory_id from cwd_user u
 join cwd_membership m on u.id=m.child_id join cwd_group g on m.parent_id=g.id 
 join cwd_directory d on d.id=g.directory_id
  where g.group_name = 'crowd-administrators' and d.directory_type='INTERNAL';

Upgrading Crowd from 3.1 to 3.2 will not have any effect directly on the admin account's accessibility, you will still need to set the password.

Let me know, what are the results of the queries I mentioned above.

 

Cheers!

Gaurav

Like
Kevin Kirchhof
Kevin Kirchhof May 2, 2018

Hi Gaurav,

 

exactly these steps I have proceeded in advance. My last action was to reset the whole application Crowd. I reinstalled it on my machine and configured it to use the same mysql server database (which was cleread in advance / I dropped all existent tables from the pevious installation, collation utf8_bin charset utf8).

But now I have even no access with the recently new created administrative user (exemplarily "User 1").

Now I am coming to the sql statements you have announced. First o fall, I checked wethere there is the administrator account, as I expect there should be one. SO I exexuted

select u.id, u.user_name, u.directory_id from cwd_user u
 join cwd_membership m on u.id=m.child_id join cwd_group g on m.parent_id=g.id 
 join cwd_directory d on d.id=g.directory_id
  where g.group_name = 'crowd-administrators' and d.directory_type='INTERNAL';

The result was my "User 1", as expected. I noticed the ID of the user for usage of the upcoming statements.

Now I had to reset (even in the new Crowd installation) the password for "User 1" whom ID is 196600 (the ID is as well exemplarily). So i executed the following statements

update cwd_user set credential = '{PKCS5S2}8WEZjkCbLWysbcbZ5PRgMbdJgJOhkzRT3y1jxOqke2z1Zr79q8ypugFQEYaMoIZt'
 where id=196600;
 
 update cwd_user_attribute set attribute_value = 'false', attribute_lower_value = 'false'
 where attribute_name = 'requiresPasswordChange' and user_id=196600;
 
 update cwd_user_attribute set attribute_value = '0', attribute_lower_value = '0'
 where attribute_name = 'invalidPasswordAttempts' and user_id=196600;

Afterwards I restarted Crowd just to ensure having a clean startup.

I tried to use the "User 1" username and for password "admin" to logon, but it didn't work again! I have absolutly no idea anymore how to fix this issue. I followed the setup instructions and documentations except the following to points:

- for mysql connector I have chosen the newest JDBC/J connector for version 8
- for openid server I set the database driver to com.mysql.jdbc.Driver

As note for the Crowd installation, I selected as security "ATLASSIAN-SECURITY", therefore the password set in database '{PKCS5S2}8WEZjkCbLWysbcbZ5PRgMbdJgJOhkzRT3y1jxOqke2z1Zr79q8ypugFQEYaMoIZt' should be correct for password "admin".

In a nutshell I have the following situation:
- Acessing my old installation and configuration of Crowd is not possible anymore because I have deleted it / I have overriden it.
- Acessing the new installation of Crowd authroized my newly created administrator user not properly, so I had to reset its password.
- The resetted password is not accepted as well.

Do you may habe another / furthermore ideas? :s

Thank you anyway so far.

Best regards,

Kevin

Like
Kevin Kirchhof
Kevin Kirchhof May 14, 2018

Hi @Gaurav,

I guess I found the problem: the issue was regarding a missconfiguration of my proxy: My proxy redirected the authentication requests of Crowd itself to an invalid destination.

Having now Crowd without any proxy settings configured, Crowd works fine.

 

Thanks & Cheers,

Kevin

Like
Reply

Suggest an answer

Log in or Sign up to answer
Crowd
Crowd
TAGS
AUG Leaders

Atlassian Community Events

    See all events