Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2372
Views
5
Helpful
8
Replies

Reset Application user apssword from CLI

rupam_chakra1983
Level 1
Level 1

‎04-19-2011 11:31 AM - edited ‎03-16-2019 04:36 AM

HI

Can i reset a Application user password from CLI which has been created manually post installtion, This is not the ccmadministrator password creatde by default.

run sql update applicationuser set passwordreverse='f3f84fcd7934cd48ef4fef0d9057c21d000ffe229fbd0a247ee491927aa30f02' where name='ciscoadmin'

I try to via this command but still it is not successful.

I tried

run sql update applicationuser set password='f3f84fcd7934cd48ef4fef0d9057c21d000ffe229fbd0a247ee491927aa30f02' where name='ciscoadmin'

But it is giving error Column(PASSWORD) not present :-) something like that..

Regards

RC

Labels:
0 Helpful
8 Replies 8

Craig Dyer
Level 3
Level 3

‎04-19-2011 11:53 AM

Hi,

     Are you trying to reset the GUI password via an SQL update, you can do this but why would you not use:-

                  utils reset_ui_administrator_password
    
          If the username is lost try:-
                    utils reset_ui_administrator_name


http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/cucos/6_0_1/cucos/iptpappa.html#wp1120161

     Have a look at this link https://supportforums.cisco.com/message/1163631 Java goes through the procdure of a 5.0 CuCM

Craig

   

0 Helpful

rupam_chakra1983
Level 1
Level 1
In response to Craig Dyer

‎04-19-2011 12:12 PM

Hi Craig

What i understand that the command you have provided is for the application user which has been created during installation.

What i m trying to dio is to reset password for used which i manually createdb from the admin gui.

0 Helpful

phooghen
Cisco Employee
Cisco Employee
In response to rupam_chakra1983

‎04-19-2011 12:20 PM

Can you still access the ccmadmin page ?

If so, you go to User management > Application user > select the specific application user yo uwan tthe password to be reset.

Then, just change the password.

Pierre.

0 Helpful

phooghen
Cisco Employee
Cisco Employee
In response to phooghen

‎04-19-2011 12:41 PM

To add to my previous answer, it difficult to reset an application user password since you must provided the encrypted password and not the plain text password.

run sql update applicationuser set password='f3f84fcd7934cd48ef4fef0d9057c21d000ffe229fbd0a247ee491927aa30f02' where name='application-username'

This command will reset the password of application-username to ciscocisco


Pierre.
0 Helpful

Craig Dyer
Level 3
Level 3
In response to phooghen

‎04-19-2011 12:51 PM

Pierre,

     I have just tried this on a Lab Version 6.1 server and the applicationuser table no longer has a password column which seems to be the reason for the original post, it seem to be tied to the credential table but when I try and do an update the response is 'No UPDATE permission

     Game Over?

Craig

0 Helpful

Craig Dyer
Level 3
Level 3
In response to rupam_chakra1983

‎04-19-2011 12:22 PM

Hi,

     Why do you not reset it using the GUI if you have access? I try and avoid using SQL updates if there is no 'Good' reason.

     If there is a good reason I will fire up Lab server a try to assist further.

Craig

0 Helpful

srsivara
Cisco Employee
Cisco Employee
In response to Craig Dyer

‎04-19-2011 01:46 PM

The 'passwordreverse' column in the 'enduser' and 'applicationtable' tables is the Digest Credentials value, not the password. The password (and pin for endusers) are stored in the 'credential' table

(1) Identified the application user whose password I want to try to update

admin:run sql select * from applicationuser where name='sriram'

pkid                                 name   isstandard passwordreverse acloobsubscription acloodrefer aclpresencesubscription aclunsolicitednotification fkmatrix_presence                    aclallowreplace
==================================== ====== ========== =============== ================== =========== ======================= ========================== ==================================== ===============
9045b277-b27d-bcde-9622-6811438d3457 sriram f          NULL            f                  f           f                       f                          ad243d17-98b4-4118-8feb-5ff2e1b781ac f
admin:
admin:

(2) Get information from the credential table, correlated with the application user :


admin:run sql select * from credential where fkapplicationuser='9045b277-b27d-bcde-9622-6811438d3457'
pkid                                 fkenduser fkapplicationuser                    tkcredential cantchange credmustchange fkcredentialpolicy                   doesntexpire timechanged timeadminlockout credentials                                                      imsinfo
==================================== ========= ==================================== ============ ========== ============== ==================================== ============ =========== ================ ================================================================ =======
137b0b7b-8974-45a9-a73e-c3f8d96a555c NULL      9045b277-b27d-bcde-9622-6811438d3457 3            f          f              9454babf-48d0-4e16-9b80-2d0da4b38750 f            1303245071  NULL             2d28ad897374d31bc2fe6959a336b75aa380cfa2e7cc5bf3436cbcc02955b029 1
admin:

Isolating the important value from the previous output,

admin:run sql select pkid, fkapplicationuser, fkenduser, tkcredential, credentials from credential where fkapplicationuser='9045b277-b27d-bcde-9622-6811438d3457'
pkid                                 fkapplicationuser                    fkenduser tkcredential credentials
==================================== ==================================== ========= ============ ================================================================
137b0b7b-8974-45a9-a73e-c3f8d96a555c 9045b277-b27d-bcde-9622-6811438d3457 NULL      3            2d28ad897374d31bc2fe6959a336b75aa380cfa2e7cc5bf3436cbcc02955b029
admin:

tkcredential - 3 = pw, 4 = pin

(3) Found that sql updates are not allowed on the credential table via CLI :


admin:run sql update credential set credentials='69c4f936f9cdf45f6bbca2570c31215629bb5d6fb97493478b8ff3db6fffbc5' where fkapplicationuser='9045b277-b27d-bcde-9622-6811438d3457'
No UPDATE permission for credential.
admin:

-----

So, you would need to reset the password through the Admin GUI.

Hope this helps.

- Sriram

Please rate helpful posts !

rupam_chakra1983
Level 1
Level 1
In response to srsivara

‎04-20-2011 11:21 AM

Hi

Thanks to all of u for the valuable information.

The only concern i am worried about it is that we have set a password expiry policy for all the application user account including ccmadministrator.

The point to worry is that if at all all the password get locked or the password get expired i would not have any option to recover it except the ccmadministrator pasword.

and we want to avoid using ccmadministrator for any user interaction with cucm gui for security policy.

thts the reason i m looking for an option to change the other application user password and to avoid raising tac case for that.

Regards

RC

0 Helpful
Customers Also Viewed These Support Documents