I need to reset my Drupal site's admin password and I can't user the email reset because the admin email doesn't exist.
I followed the directions here: http://www.ostraining.com/blog/drupal/reset-your-drupal-admin-password/
I ran the SQL: UPDATE dr_users SET pass = md5('newpassword') WHERE uid = 1; - no luck
I also tried entering a password into the users table manually in plain text. - no luck
At this point I'm not sure what the problem is.
The only thing I can think of, and I can't see why this would be it, is that I have a browser open with Admin logged in using the old password. This seems to be a hint to my problem as I would expect that on page refresh I would get logged out as the password has now changed.
try to update the admin email via mysql, then have drupal email you the password reset.
To see what you have now, you could look at the output from SQL
SELECT * FROM dr_users WHERE uid = 1;
It is pretty easy!
With the access to the table "users" (i.e. this table can have a prefix that you have already mentioned during the installation part, so yourPrefix_ can be your project's name as mywebsitename_, and in this case you'll have mywebsitename_users) in your database via PhpMyAdmin for example.
You should alter the "pass" column associated with the "uid" column with the value 1 (i.e 1 for the admin user account).
As the encrypted value for the password: Admin_12345 is =>
$S$DifCVXg9tNtHadziyyQJQVLAaZzW5EgS6OjR56D.mk8MpNQs1II2
You can accede to your admin account after replacing the old hashed password value stored in your database that you have totally forgotten.
Don't forget to change the password: Admin_12345 after you accede to your account ;)
Related
I used rule exists for check Email has in database or not
https://laravel.com/docs/8.x/validation#rule-exists
But I realize in Gmail can add characters as ".","+" without affecting the original Email
It means, a User can create so many account without use other Email
My question is
How do I can validate email exist in database which can prevent the above case?
so you don't want the user to register himself by entering email that contains dot and plus symbol. Simply use regular expressions to validate
whenever the enter email for registration, try to ensure that it is proper gmail address (or you can add validation for other mail addresses including domain names), if the email fullfils the condition, let the email inserted into the database
so simple
I have a local Silverstripe instance but I cannot login and the owners are battling to find their login details. I have the DB so how can I find the Users table and edit it, or make myself an admin account? Thanks
Despite having solved your problem, you did not answer your own question :-). For Google's sake I will try...
The user table is called "Member". It has got the email address and the password in it. You can not manually change the password here, as it is hashed. What you can do is change the email address and use the "forgot password" functionality (in case the client can't do that himself), change the password for the client through the application backend (cms) and change the email address back to its original value. If you are wondering what the MemberPassword table does: AFAIK it only stores a copy of all used passwords by a user (password history)
When you want to make an account administrator, you should first take a look at the Group table and look for "administrators" in the "Code" Column. Take that ID (normally, this would be 2). After that, take a look in the Member table, and look for the user you want to make an admin. Take the ID here as well.
Next, open the Group_Member table and insert a new row (or change the existing if you want) and specify the group id under GroupID and the member id under MemberID.
Adding Security::setDefaultAdmin('admin','admin'); to the _config.php also works, but don't forget to remove it afterwards, just as any phpmyadmin or equivalent that you installed :-)
Just found this add Security::setDefaultAdmin('username', 'password'); to mysite/_config.php. Worked like a bomb!
Create a file _ss_environment.php in the webroot (or the folder above it) if it doesn't already exist. Add these two lines to the bottom:
define('SS_DEFAULT_ADMIN_USERNAME','admin');
define('SS_DEFAULT_ADMIN_PASSWORD','password');
Every month we will have a database refresh so I assume user accounts are deleted and when that happens we will recreate again the users and provide another batch of passwords. For convenience sake, is there a way that passwords used by the user will be retained after the refresh so we dont need to set another batch of password each time the refresh happens? This is tiresome task especially if many users are involved. Thanks for helping. Or user accounts retained after refresh?
[EDIT]
My senior said that all user accounts will be deleted during the refresh. We can reset the password but its tiresome because we have to email the users their new password.
It will all depend on what you call "database refresh".
At the very least, you might somehow save the hashed user password before beginning the "refresh" process, and then restore them at the end.
The following query will use dbms_metadata.get_ddl to return a list of SQL statements that you might use to restore the various password (hashed) values:
-- in SQL*plus use the following lines so CLOB are not truncated:
-- SET LONG 3000
-- SET LIN 200
-- COLUMN USERCREATE FORMAT A200
select
dbms_metadata.get_ddl('USER', username) || '/' usercreate
from
dba_users;
On my test system (Oracle 11g Express Edition), this will produce something like that:
CREATE USER "SONIA" IDENTIFIED BY VALUES 'S:A4CA3.....596'
TEMPORARY TABLESPACE "TEMP"/
CREATE USER "SYLVAIN" IDENTIFIED BY VALUES 'S:23FFA.....8B0'
DEFAULT TABLESPACE "USERS"
TEMPORARY TABLESPACE "TEMP"/
...
I couldn't come up with a better title, so here is what I'd like to do in an Active Directory (Windows 2008 R2):
A user forgot his password and asks an admin to set his password to a new, randomly generated password. Using this random password, the user logs in again and is prompted to change his password (via having the pwdLastSet option set to 0 when setting the random password).
So far, so good.
Is there a way to enforce that the new random password is only valid for a certain amount of time? The only idea I could come up with was to also set the accountExpires property to "now + n hours", but this poses the problem that I'd have to reset this property as soon as the user legitimatly changes his password within the given time frame, and I don't know how to do that.
Is this at all possible using Windows functionality?
if you have a PasswordExpire date field for each password you can use that. if you don't have, i would recommend you create one.
if you don't want this kind of field you can create a database/file/any other way you choose that contains temporary passwords and their expire date/time
there are many other ways to do it. you need to decide the best for you and if you need help come to use with a problem, this is more a recommendation question.
Below is my create script of user
CREATE LOGIN [sa] WITH PASSWORD=N'ô/PDM643¸}''8%õ''f;âw¡ÈS'
Can you tell me this password please?
I would say its [ ô/PDM643¸}'8%õ'f;âw¡ÈS ].
select N'ô/PDM643¸}''8%õ''f;âw¡ÈS'
Double quotes like: '' makes just one ' at the end.
And shouldn't forget that N'somestirng' not really the same as 'somestring'.
N'somestirng' - stores 2 bytes/char
'somestirng' - stores 1 bytes/char
So if there is some special characters like in this case- it makes difference.
That password is a one way hash of the original password entered. No one here is going to be able to decrypt it without generating a rainbow table based on the way it was hashed.
So, if you've lost the password then you need to login into the machine using the administrator account and change it.
If you're just trying to hack a sql server... well, I don't think anyone needs to give you more advice.