Resetting the Oracle Weblogic Server Password

It happens sometimes we forget the password for Weblogic server or there is a need to change the weblogic password.Then follow the steps:


1. Stop all the Weblogic services


2. change directory to <Middleware_Home>\user_projects\domains\yourdomain_domain\bin

cd <Middleware_Home>\user_projects\domains\yourdomain_domain\bin

3. Source the setDomainEnv.cmd(Windows) / setDomainEnv.sh (Linux) script so we can get all the WebLogic variables set correctly

In windows: setDomainEnv.cmd

In Linux: . setDomainEnv.sh

4. Now change the directory to security directory in your instance.

cd <Middleware_Home>\user_projects\domains\yourdomain_domain\security

5. Move the DefaultAuthenticatorInit.ldift to a backup file

In Windows:

mv DefaultAuthenticatorInit.ldift DefaultAuthenticatorInit_old.ldift

In Linux:

mv DefaultAuthenticatorInit.ldift DefaultAuthenticatorInit_old.ldift

6. Run the “java weblogic.security.utils.AdminAccount newuser newpassword .” to generate a new DefaultAuthenticatorInit.ldift with a new user with the assigned password within the security directory

eg: java weblogic.security.utils.AdminAccount weblogic weblogic123 .

Note: replace newuser and newpassword with a user and password of your choosing. Ensure the password is a minimum of 8 characters and contains at least one numeric character. Also, don’t forget the period “.” at the end of the above command, it is required.

7. Change directory to <Middleware_Home>\user_projects\domains\yourdomain_domain\servers\AdminServer\security

cd <Middleware_Home>\user_projects\domains\yourdomain_domain\servers\AdminServer\security\

8. Edit the boot.properties file and replace newpassword and newusername with the user and password you defined in step 6. Do this for all the servers in the domain.

password=newpassword

username=newusername

The boot.properties will get encrypted once the admin server starts up

9. Rename or remove directory <Middleware_Home>\user_projects\domains\yourdomain_domain\servers\AdminServer\data\ldap as it will get recreated once the WebLogic Admin server starts.

e.g:

rename <Middleware_Home>\user_projects\domains\yourdomain_domain\servers\AdminServer\data\ldap <Middleware_Home>\user_projects\domains\yourdomain_domain\servers\AdminServer\data\ldap_OLD

10. Change directory to <Middleware_Home>\user_projects\domains\yourdomain_domain\bin and start the Weblogic Admin Server

In Windows: startWebLogic.cmd

In Linux: ./ startWebLogic.sh

11. Once the weblogic server is up, you’ll be able to login to Console with the new weblogic Admin user and password.

R12 E-Business Suite Registration and error Resolution (Unable to call fnd_ldap_wrapper.create_user/update_user ORA-20001

OID integration with Oracle E-Business Suite has to register 3 components in EBS.

i) 10.1.3 ORACLE_HOME

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registerinstance=yes

ii) SSO Registration

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registersso=yes

iii) OID Registration

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registeroid=yes



EBS and OID will have 4 types of Provisioning:

i)  BiDirectional Provisioning (-provisiontype=1)
This is set by using the "-provisiontype=1" command line argument during OID registration. This is the default
provisioning type set by the registration utility.

ii) InBound Provisioning
This is set by using the "-provisiontype=2" command line argument during OID registration.

iii) OutBound Provisioning
This is set by using the "-provisiontype=3" command line argument during OID registration.

iv) BiDiNoCreation Provisioning
This is set by using the "-provisiontype=4" command line argument during OID registration. 


Provisioning Status:


Status of Provisioning can be known using the following command:

oidprovtool operation=STATUS \

> ldap_host=<Server_name> ldap_port=3060 \

> ldap_user=cn=orcladmin ldap_user_password=manager3 \

> application_dn="orclApplicationCommonName=DEV,cn=EBusiness,cn=Products,cn=OracleContext,dc=abcdefg,dc=com"    


Set the profile Options as per the Oracle note and restart the OPMN processes.



When the user try to create the user, he may experience an error like:

Unable to call fnd_ldap_wrapper.create_user / update_user ORA-20001 after OID integration with R12



This error could be because of many reasons , to name few
1) More Secure Password Policy in OID compared to E-Business Suite
2) User already exists in OID but missing in E-Business Suite
3) apps user does not have privileges to access dbms_ldap package.
4) AppsDN password expired in OID (password expiry in OID)
5) OID or DIP server not running



To get the more relevant error message for the above error, enable the FND DEBUG with the below profile options at user level:

FND: Debug Log Enabled - YES
FND: Debug Log Level - Error
FND: Debug Log Mode - Asynchronous
FND_DEBUG_RULE_THRESHOLD - 100

and reproduce the same error as the same user to whom the above profile actions are set and execute the following sql to know the exact error:

select module||' '||message_text , timestamp from apps.fnd_log_messages where timestamp > (sysdate - 1) order by timestamp;


In our case the error message was like this:

fnd.plsql.oid.fnd_ldap_user.create_user:  ORA-31202: DBMS_LDAP: LDAP client/server error: Constraint violation. Password Policy Error :9004: GSL_PWDNUMERIC_EXCP :Your Password must contain at least 1 numeric characters.

So the OID Policy was to have atleast one number and one character in password.