Changing admin password to default

Dear all,
I am setting up a training server for staff and i am using dhis2 live
to achieve the task but i am using one of our database rather than the
default database. I had already used the following query to change the
admin password:

UPDATE users set password = '48e8f1207baef1ef7fe478a57d19f2e5'
where username = 'admin';

What am i doing which is wrong and why i can't login with username:
admin password: district

···

--
Regards,

Gerald

Hi Gerald,

Which version of DHIS2?

···

On Mon, Aug 31, 2015 at 5:02 PM, gerald thomas gerald17006@gmail.com wrote:

Dear all,

I am setting up a training server for staff and i am using dhis2 live

to achieve the task but i am using one of our database rather than the

default database. I had already used the following query to change the

admin password:

UPDATE users set password = ‘48e8f1207baef1ef7fe478a57d19f2e5’

where username = ‘admin’;

What am i doing which is wrong and why i can’t login with username:

admin password: district

Regards,

Gerald


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

Knut Staring

Dept. of Informatics, University of Oslo

Norway: +4791880522

Skype: knutstar

http://dhis2.org

Dear Knut,
I am using DHIS2 live and it is version: 2.20 Build revision: 19682

···

On 8/31/15, Knut Staring <knutst@gmail.com> wrote:

Hi Gerald,

Which version of DHIS2?

On Mon, Aug 31, 2015 at 5:02 PM, gerald thomas <gerald17006@gmail.com> > wrote:

Dear all,
I am setting up a training server for staff and i am using dhis2 live
to achieve the task but i am using one of our database rather than the
default database. I had already used the following query to change the
admin password:

UPDATE users set password = '48e8f1207baef1ef7fe478a57d19f2e5'
where username = 'admin';

What am i doing which is wrong and why i can't login with username:
admin password: district

--
Regards,

Gerald

_______________________________________________
Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp

--
Knut Staring
Dept. of Informatics, University of Oslo
Norway: +4791880522
Skype: knutstar
http://dhis2.org

--
Regards,

Gerald

I see. There has been a change to the password encryption in 2.21, but that should not affect you:
https://www.mail-archive.com/dhis2-devs-core@lists.launchpad.net/msg00345.html

You don’t have the old password to log in as the admin user? Can you see in the database that the admin user has not been removed?

···

On Mon, Aug 31, 2015 at 6:12 PM, gerald thomas gerald17006@gmail.com wrote:

Dear Knut,

I am using DHIS2 live and it is version: 2.20 Build revision: 19682

On 8/31/15, Knut Staring knutst@gmail.com wrote:

Hi Gerald,

Which version of DHIS2?

On Mon, Aug 31, 2015 at 5:02 PM, gerald thomas gerald17006@gmail.com

wrote:

Dear all,

I am setting up a training server for staff and i am using dhis2 live

to achieve the task but i am using one of our database rather than the

default database. I had already used the following query to change the

admin password:

UPDATE users set password = ‘48e8f1207baef1ef7fe478a57d19f2e5’

where username = ‘admin’;

What am i doing which is wrong and why i can’t login with username:

admin password: district

Regards,

Gerald


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

Knut Staring

Dept. of Informatics, University of Oslo

Norway: +4791880522

Skype: knutstar

http://dhis2.org

Regards,

Gerald

Knut Staring

Dept. of Informatics, University of Oslo

Norway: +4791880522

Skype: knutstar

http://dhis2.org

Dear Knut,
1. No i didn't have it
2. Yes, the admin is there. Also when i run the query the encrypted
password had changed but the 'last update time of password' was not
changed

···

On 8/31/15, Knut Staring <knutst@gmail.com> wrote:

I see. There has been a change to the password encryption in 2.21, but that
should not affect you:
https://www.mail-archive.com/dhis2-devs-core@lists.launchpad.net/msg00345.html

You don't have the old password to log in as the admin user? Can you see in
the database that the admin user has not been removed?

On Mon, Aug 31, 2015 at 6:12 PM, gerald thomas <gerald17006@gmail.com> > wrote:

Dear Knut,
I am using DHIS2 live and it is version: 2.20 Build revision: 19682

On 8/31/15, Knut Staring <knutst@gmail.com> wrote:
> Hi Gerald,
>
> Which version of DHIS2?
>
> On Mon, Aug 31, 2015 at 5:02 PM, gerald thomas <gerald17006@gmail.com> >> > wrote:
>
>> Dear all,
>> I am setting up a training server for staff and i am using dhis2 live
>> to achieve the task but i am using one of our database rather than the
>> default database. I had already used the following query to change the
>> admin password:
>>
>> UPDATE users set password = '48e8f1207baef1ef7fe478a57d19f2e5'
>> where username = 'admin';
>>
>> What am i doing which is wrong and why i can't login with username:
>> admin password: district
>>
>> --
>> Regards,
>>
>> Gerald
>>
>> _______________________________________________
>> Mailing list: https://launchpad.net/~dhis2-devs
>> Post to : dhis2-devs@lists.launchpad.net
>> Unsubscribe : https://launchpad.net/~dhis2-devs
>> More help : https://help.launchpad.net/ListHelp
>>
>
>
>
> --
> Knut Staring
> Dept. of Informatics, University of Oslo
> Norway: +4791880522
> Skype: knutstar
> http://dhis2.org
>

--
Regards,

Gerald

--
Knut Staring
Dept. of Informatics, University of Oslo
Norway: +4791880522
Skype: knutstar
http://dhis2.org

--
Regards,

Gerald

Also, you must restart the server after you do this. Did you restart it?

···

On Mon, Aug 31, 2015 at 6:30 PM, gerald thomas gerald17006@gmail.com wrote:

Dear Knut,

  1. No i didn’t have it

  2. Yes, the admin is there. Also when i run the query the encrypted

password had changed but the ‘last update time of password’ was not

changed

On 8/31/15, Knut Staring knutst@gmail.com wrote:

I see. There has been a change to the password encryption in 2.21, but that

should not affect you:

https://www.mail-archive.com/dhis2-devs-core@lists.launchpad.net/msg00345.html

You don’t have the old password to log in as the admin user? Can you see in

the database that the admin user has not been removed?

On Mon, Aug 31, 2015 at 6:12 PM, gerald thomas gerald17006@gmail.com

wrote:

Dear Knut,

I am using DHIS2 live and it is version: 2.20 Build revision: 19682

On 8/31/15, Knut Staring knutst@gmail.com wrote:

Hi Gerald,

Which version of DHIS2?

On Mon, Aug 31, 2015 at 5:02 PM, gerald thomas gerald17006@gmail.com

wrote:

Dear all,

I am setting up a training server for staff and i am using dhis2 live

to achieve the task but i am using one of our database rather than the

default database. I had already used the following query to change the

admin password:

UPDATE users set password = ‘48e8f1207baef1ef7fe478a57d19f2e5’

where username = ‘admin’;

What am i doing which is wrong and why i can’t login with username:

admin password: district

Regards,

Gerald


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

Knut Staring

Dept. of Informatics, University of Oslo

Norway: +4791880522

Skype: knutstar

http://dhis2.org

Regards,

Gerald

Knut Staring

Dept. of Informatics, University of Oslo

Norway: +4791880522

Skype: knutstar

http://dhis2.org

Regards,

Gerald


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

Jason P. Pickering
email: jason.p.pickering@gmail.com
tel:+46764147049

Dear Knut,

I did but it is the same thing. This aspect of removing the password reset is a scare because not all admins do handover.

Regards,

Gerald

···

On Mon, Aug 31, 2015 at 6:30 PM, gerald thomas gerald17006@gmail.com wrote:

Dear Knut,

  1. No i didn’t have it

  2. Yes, the admin is there. Also when i run the query the encrypted

password had changed but the ‘last update time of password’ was not

changed

On 8/31/15, Knut Staring knutst@gmail.com wrote:

I see. There has been a change to the password encryption in 2.21, but that

should not affect you:

https://www.mail-archive.com/dhis2-devs-core@lists.launchpad.net/msg00345.html

You don’t have the old password to log in as the admin user? Can you see in

the database that the admin user has not been removed?

On Mon, Aug 31, 2015 at 6:12 PM, gerald thomas gerald17006@gmail.com

wrote:

Dear Knut,

I am using DHIS2 live and it is version: 2.20 Build revision: 19682

On 8/31/15, Knut Staring knutst@gmail.com wrote:

Hi Gerald,

Which version of DHIS2?

On Mon, Aug 31, 2015 at 5:02 PM, gerald thomas gerald17006@gmail.com

wrote:

Dear all,

I am setting up a training server for staff and i am using dhis2 live

to achieve the task but i am using one of our database rather than the

default database. I had already used the following query to change the

admin password:

UPDATE users set password = ‘48e8f1207baef1ef7fe478a57d19f2e5’

where username = ‘admin’;

What am i doing which is wrong and why i can’t login with username:

admin password: district

Regards,

Gerald


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

Knut Staring

Dept. of Informatics, University of Oslo

Norway: +4791880522

Skype: knutstar

http://dhis2.org

Regards,

Gerald

Knut Staring

Dept. of Informatics, University of Oslo

Norway: +4791880522

Skype: knutstar

http://dhis2.org

Regards,

Gerald


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp


Jason P. Pickering
email: jason.p.pickering@gmail.com
tel:+46764147049

Jason & Knut,
Is there any workaround for this task other than we had done?

Thanks in advance for your usual cooperation.

···

On 8/31/15, gerald thomas <gerald17006@gmail.com> wrote:

Dear Knut,
I did but it is the same thing. This aspect of removing the password reset
is a scare because not all admins do handover.

Regards,
Gerald
On Aug 31, 2015 5:18 PM, "Jason Pickering" <jason.p.pickering@gmail.com> > wrote:

Also, you must restart the server after you do this. Did you restart it?

On Mon, Aug 31, 2015 at 6:30 PM, gerald thomas <gerald17006@gmail.com> >> wrote:

Dear Knut,
1. No i didn't have it
2. Yes, the admin is there. Also when i run the query the encrypted
password had changed but the 'last update time of password' was not
changed

On 8/31/15, Knut Staring <knutst@gmail.com> wrote:
> I see. There has been a change to the password encryption in 2.21, but
that
> should not affect you:
>
https://www.mail-archive.com/dhis2-devs-core@lists.launchpad.net/msg00345.html
>
> You don't have the old password to log in as the admin user? Can you
see in
> the database that the admin user has not been removed?
>
> On Mon, Aug 31, 2015 at 6:12 PM, gerald thomas <gerald17006@gmail.com> >>> > wrote:
>
>> Dear Knut,
>> I am using DHIS2 live and it is version: 2.20 Build revision: 19682
>>
>> On 8/31/15, Knut Staring <knutst@gmail.com> wrote:
>> > Hi Gerald,
>> >
>> > Which version of DHIS2?
>> >
>> > On Mon, Aug 31, 2015 at 5:02 PM, gerald thomas < >>> gerald17006@gmail.com> >>> >> > wrote:
>> >
>> >> Dear all,
>> >> I am setting up a training server for staff and i am using dhis2
live
>> >> to achieve the task but i am using one of our database rather than
the
>> >> default database. I had already used the following query to change
the
>> >> admin password:
>> >>
>> >> UPDATE users set password = '48e8f1207baef1ef7fe478a57d19f2e5'
>> >> where username = 'admin';
>> >>
>> >> What am i doing which is wrong and why i can't login with
>> >> username:
>> >> admin password: district
>> >>
>> >> --
>> >> Regards,
>> >>
>> >> Gerald
>> >>
>> >> _______________________________________________
>> >> Mailing list: https://launchpad.net/~dhis2-devs
>> >> Post to : dhis2-devs@lists.launchpad.net
>> >> Unsubscribe : https://launchpad.net/~dhis2-devs
>> >> More help : https://help.launchpad.net/ListHelp
>> >>
>> >
>> >
>> >
>> > --
>> > Knut Staring
>> > Dept. of Informatics, University of Oslo
>> > Norway: +4791880522
>> > Skype: knutstar
>> > http://dhis2.org
>> >
>>
>>
>> --
>> Regards,
>>
>> Gerald
>>
>
>
>
> --
> Knut Staring
> Dept. of Informatics, University of Oslo
> Norway: +4791880522
> Skype: knutstar
> http://dhis2.org
>

--
Regards,

Gerald

_______________________________________________
Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp

--
Jason P. Pickering
email: jason.p.pickering@gmail.com
tel:+46764147049

--
Regards,

Gerald

Hi Gerald,

You can create a password hash with Python and the Bcrypt library. Run this single command in your terminal to get a hash for passwordGoesHere:

$ python -c ‘import bcrypt; hash = bcrypt.hashpw(“passwordGoesHere”, bcrypt.gensalt(rounds=10, prefix=b"2a")); print(hash);’

You can insert the resulting hash directly into the database for the admin user.

Note: If you do not have the Bcrypt library in your Python installation, you should add it with pip. The following will install all prerequisites on a CentOS 6 system:

$ yum install gcc libffi-devel python-devel python-pip

$ pip install --user bcrypt

Before attempting to change the admin user password in the database, visit the front page of a new installation to have DHIS2 generate data in the database for the admin user (you can do something as simple as $ curl -sL http://localhost:8080/). Then, you can enter the following query into the Postgres CLI with the DHIS2 database in use:

UPDATE USERS SET password = ‘001122hashgoeshere221100’ WHERE username = ‘admin’;

Restart the application server (Tomcat) and then you should be able to log in with your new password passwordGoesHere or what you changed it to.

Regards,

Alan

···

On Mon, Aug 31, 2015 at 11:02 AM, gerald thomas gerald17006@gmail.com wrote:

Dear all,

I am setting up a training server for staff and i am using dhis2 live

to achieve the task but i am using one of our database rather than the

default database. I had already used the following query to change the

admin password:

UPDATE users set password = ‘48e8f1207baef1ef7fe478a57d19f2e5’

where username = ‘admin’;

What am i doing which is wrong and why i can’t login with username:

admin password: district

Regards,

Gerald


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

1 Like

@Alan, nice. ; )

The only other things to be sure about are

  1. The admin user actually exists.

  2. The admin user is not disabled.

  3. The admin user is actually a super user.

If you have had a situation where someone else was in control over the server, they may have (smartly) disabled or completely removed the “admin” user. Otherwise, you may need to develop a more comprehensive script to inject a user into the database if the “admin” user does not exist at all.

Regards,

Jason

···

On Mon, Aug 31, 2015 at 11:21 PM, Alan Ivey aivey@baosystems.com wrote:

Hi Gerald,

You can create a password hash with Python and the Bcrypt library. Run this single command in your terminal to get a hash for passwordGoesHere:

$ python -c ‘import bcrypt; hash = bcrypt.hashpw(“passwordGoesHere”, bcrypt.gensalt(rounds=10, prefix=b"2a")); print(hash);’

You can insert the resulting hash directly into the database for the admin user.

Note: If you do not have the Bcrypt library in your Python installation, you should add it with pip. The following will install all prerequisites on a CentOS 6 system:

$ yum install gcc libffi-devel python-devel python-pip

$ pip install --user bcrypt

Before attempting to change the admin user password in the database, visit the front page of a new installation to have DHIS2 generate data in the database for the admin user (you can do something as simple as $ curl -sL http://localhost:8080/). Then, you can enter the following query into the Postgres CLI with the DHIS2 database in use:

UPDATE USERS SET password = ‘001122hashgoeshere221100’ WHERE username = ‘admin’;

Restart the application server (Tomcat) and then you should be able to log in with your new password passwordGoesHere or what you changed it to.

Regards,

Alan


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

On Mon, Aug 31, 2015 at 11:02 AM, gerald thomas gerald17006@gmail.com wrote:

Dear all,

I am setting up a training server for staff and i am using dhis2 live

to achieve the task but i am using one of our database rather than the

default database. I had already used the following query to change the

admin password:

UPDATE users set password = ‘48e8f1207baef1ef7fe478a57d19f2e5’

where username = ‘admin’;

What am i doing which is wrong and why i can’t login with username:

admin password: district

Regards,

Gerald


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

Jason P. Pickering
email: jason.p.pickering@gmail.com
tel:+46764147049

Hi Alan,

Are you saying this will work also for DHIS2 versions up to and including 2.20? Or just for later versions? What is the result for “district”?

Knut

···

On Mon, Aug 31, 2015 at 11:21 PM, Alan Ivey aivey@baosystems.com wrote:

Hi Gerald,

You can create a password hash with Python and the Bcrypt library. Run this single command in your terminal to get a hash for passwordGoesHere:

$ python -c ‘import bcrypt; hash = bcrypt.hashpw(“passwordGoesHere”, bcrypt.gensalt(rounds=10, prefix=b"2a")); print(hash);’

You can insert the resulting hash directly into the database for the admin user.

Note: If you do not have the Bcrypt library in your Python installation, you should add it with pip. The following will install all prerequisites on a CentOS 6 system:

$ yum install gcc libffi-devel python-devel python-pip

$ pip install --user bcrypt

Before attempting to change the admin user password in the database, visit the front page of a new installation to have DHIS2 generate data in the database for the admin user (you can do something as simple as $ curl -sL http://localhost:8080/). Then, you can enter the following query into the Postgres CLI with the DHIS2 database in use:

UPDATE USERS SET password = ‘001122hashgoeshere221100’ WHERE username = ‘admin’;

Restart the application server (Tomcat) and then you should be able to log in with your new password passwordGoesHere or what you changed it to.

Regards,

Alan


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

On Mon, Aug 31, 2015 at 11:02 AM, gerald thomas gerald17006@gmail.com wrote:

Dear all,

I am setting up a training server for staff and i am using dhis2 live

to achieve the task but i am using one of our database rather than the

default database. I had already used the following query to change the

admin password:

UPDATE users set password = ‘48e8f1207baef1ef7fe478a57d19f2e5’

where username = ‘admin’;

What am i doing which is wrong and why i can’t login with username:

admin password: district

Regards,

Gerald


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

Knut Staring

Dept. of Informatics, University of Oslo

Norway: +4791880522

Skype: knutstar

http://dhis2.org

Dear Alan,

Thanks very much

Regards,

Gerald

···

On Mon, Aug 31, 2015 at 11:02 AM, gerald thomas gerald17006@gmail.com wrote:

Dear all,

I am setting up a training server for staff and i am using dhis2 live

to achieve the task but i am using one of our database rather than the

default database. I had already used the following query to change the

admin password:

UPDATE users set password = ‘48e8f1207baef1ef7fe478a57d19f2e5’

where username = ‘admin’;

What am i doing which is wrong and why i can’t login with username:

admin password: district

Regards,

Gerald


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

For the record: Starting in 2.21 we only accept bcrypt password hashes. Anything else will fail.

Beginning in 2.17 we started hot-swapping every user logging in with the old scheme (md5) to the new one (bcrypt) on login. Even though they work in 2.20 I strongly suggest using bcrypt hashes for this reason as well as the obvious security improvement.

As it seems you’ve experienced, changing the password in the DB at runtime will not work (application memory will hold the old one). If you need to force a password swap you will need to change the password in the db before you start the server.

···

2015-09-01 9:53 GMT+02:00 gerald thomas gerald17006@gmail.com:

Dear Alan,

Thanks very much

Regards,

Gerald

On Aug 31, 2015 9:22 PM, “Alan Ivey” aivey@baosystems.com wrote:

Hi Gerald,

You can create a password hash with Python and the Bcrypt library. Run this single command in your terminal to get a hash for passwordGoesHere:

$ python -c ‘import bcrypt; hash = bcrypt.hashpw(“passwordGoesHere”, bcrypt.gensalt(rounds=10, prefix=b"2a")); print(hash);’

You can insert the resulting hash directly into the database for the admin user.

Note: If you do not have the Bcrypt library in your Python installation, you should add it with pip. The following will install all prerequisites on a CentOS 6 system:

$ yum install gcc libffi-devel python-devel python-pip

$ pip install --user bcrypt

Before attempting to change the admin user password in the database, visit the front page of a new installation to have DHIS2 generate data in the database for the admin user (you can do something as simple as $ curl -sL http://localhost:8080/). Then, you can enter the following query into the Postgres CLI with the DHIS2 database in use:

UPDATE USERS SET password = ‘001122hashgoeshere221100’ WHERE username = ‘admin’;

Restart the application server (Tomcat) and then you should be able to log in with your new password passwordGoesHere or what you changed it to.

Regards,

Alan


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

On Mon, Aug 31, 2015 at 11:02 AM, gerald thomas gerald17006@gmail.com wrote:

Dear all,

I am setting up a training server for staff and i am using dhis2 live

to achieve the task but i am using one of our database rather than the

default database. I had already used the following query to change the

admin password:

UPDATE users set password = ‘48e8f1207baef1ef7fe478a57d19f2e5’

where username = ‘admin’;

What am i doing which is wrong and why i can’t login with username:

admin password: district

Regards,

Gerald


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

It should be

$2a$10$iig96L.lNFPYgt9Go0bJGuJ2A5Sdqid17wV/xwEHlq.cCDYXdGFG2

from Alan’s code.

···

On Tue, Sep 1, 2015 at 8:40 AM, Knut Staring knutst@gmail.com wrote:

Hi Alan,

Are you saying this will work also for DHIS2 versions up to and including 2.20? Or just for later versions? What is the result for “district”?

Knut


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

On Mon, Aug 31, 2015 at 11:21 PM, Alan Ivey aivey@baosystems.com wrote:

Hi Gerald,

You can create a password hash with Python and the Bcrypt library. Run this single command in your terminal to get a hash for passwordGoesHere:

$ python -c ‘import bcrypt; hash = bcrypt.hashpw(“passwordGoesHere”, bcrypt.gensalt(rounds=10, prefix=b"2a")); print(hash);’

You can insert the resulting hash directly into the database for the admin user.

Note: If you do not have the Bcrypt library in your Python installation, you should add it with pip. The following will install all prerequisites on a CentOS 6 system:

$ yum install gcc libffi-devel python-devel python-pip

$ pip install --user bcrypt

Before attempting to change the admin user password in the database, visit the front page of a new installation to have DHIS2 generate data in the database for the admin user (you can do something as simple as $ curl -sL http://localhost:8080/). Then, you can enter the following query into the Postgres CLI with the DHIS2 database in use:

UPDATE USERS SET password = ‘001122hashgoeshere221100’ WHERE username = ‘admin’;

Restart the application server (Tomcat) and then you should be able to log in with your new password passwordGoesHere or what you changed it to.

Regards,

Alan


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp


Knut Staring

Dept. of Informatics, University of Oslo

Norway: +4791880522

Skype: knutstar

http://dhis2.org

On Mon, Aug 31, 2015 at 11:02 AM, gerald thomas gerald17006@gmail.com wrote:

Dear all,

I am setting up a training server for staff and i am using dhis2 live

to achieve the task but i am using one of our database rather than the

default database. I had already used the following query to change the

admin password:

UPDATE users set password = ‘48e8f1207baef1ef7fe478a57d19f2e5’

where username = ‘admin’;

What am i doing which is wrong and why i can’t login with username:

admin password: district

Regards,

Gerald


Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

Jason P. Pickering
email: jason.p.pickering@gmail.com
tel:+46764147049