Locked out of Admin account after changing the password

Hello,

I tried installing an instance of CS on my local PC, using Apache Tomcat, SQL Server and OTDS, I solved all of the errors by myself and I managed to get OTCS running on localhost, I was in, I could do and access everything, the thing is OTCS told me to change the admin password, I did, and restarted CS as I was told, but then when I tried logging in again, it didn't work anymore, it said that the credentials were invalid, and I know for a fact they were not. I tried with the new password, the old password, and the "livelink" password.

After some tries, it told me that my account is currently locked. Any ideas on how to fix it? I really need this, thanks!

Tagged:

Comments

  • Appu Nair
    Appu Nair Member
    edited September 14, 2021 #2
    The locking will remove itself in 15 mins or so if it doesn’t you can still bypass OTDS based login by using a RH specifically made for that I have written it down will post it , or another way I know. Is to edit the Opentext.ini and bypass otds login . We all do it sometimes when otds misbehaves I will post that here

    https://forums.opentext.com/forums/support/discussion/308417/otds-internal-service-not-responding#latest

    FYI the user called Admin in KUAF is mapped as otadmin@otds.admin in otds so both userids become valid the password you changed is in otds more than likely the password in KUAF is still livelink although I am not sure because when you change password in otds a callback runs and tries to put that in KUAF .
  • Appu Nair
    Appu Nair Member
    edited September 14, 2021 #3

    From my notes that I collected over the years

     ?func=admin.AdminUserLogin  this one will allow Login using KUAF if you remember the admin.index password.

    http://<server>/otcs/cs.exe|llisapi.dll|<whatever script>?otdsauth=no-sso

    bypass OTDS

    forgot password

    non working system

    if you edit OT.ini then the seenOTDSPage flag will also need to be paid heed to

  • Hello @Appu Nair

    While I was waiting for a response I made a virtual machine, brand new OS, did the whole thing again, got again into Content Server, but then after a restart, the issue was the same. When I tried getting into Content Server it redirected me to a login page, where after logging in, it just said "You are logged in as ...." and "Sign out" / "Change password"

    Pasting the link: localhost/otcs/cs.exe?func=admin.AdminUserLogin (as you said) got me on the admin login page that I wanted, but I tried again with every password, I tried with livelink even if I never changed the password like before, whenever I was asked to put a password I always used the same one to ensure that there's no misconception on my side, and even that didn't work, seems like it's the same issue.

    To be honest I am very new to this, and I didn't quite understand your solution, could you please walk me through the steps that might fix this? Thank you very much, I hope this gets fixed.

  • You might reach out to support as I think your OTDS interaction might be corrupted. Following my solutions sometimes requires some knowledge of the software but you may not want to learn the unsupported methods. There might be some errors occurring when you change the password in OTDS. They might help you for a faster resolution.

    Nowadays this is the preferred method of setting up a content server from scratch. mentioning that in case this offers some solace

    I always install and configure a TC so that I can run the OTDS server before I install CS. Make sure it is stable and running fine

    I download System Center and Download CS software.

    I make the SC do the installs

    when prompted I point it to OTDS make sure everything is stable and even change the two default passwords that it keeps complaining about.I leave the search admin server default as it is a small VM.

    Then if not prompted I check patches available for that version

    I install that using SC and its agent. What it does is download all patches relevant to defects of your particular version and put it.

    Most of the time one is able to work through that. What I think I learned is the OTDS server works best if it has the FQDN URL leaving it as localhost:8080 is asking for trouble :) You see that when you are in the livelink page that shows you the integration settings.

  • Thank you,

    I think I managed to solve the issue though. I restart every service from the "Services" menu, then I first log in into OTDS, I refresh the state then get into the Admin login using : localhost/otcs/cs.exe?func=admin.AdminUserLogin and then I login with the same credentials that I use to login into the OTDS.

    And it works, I hope this might help someone else out!

  • Does your integration OTDS URL look like a localhost or an FQDN? see from my server some screencaps for you to compare


    OTDS Trusted Sites I run my CS on IIS on Port 90


    MY CS to OTDS integration page


    What happens is when you execute the URL that ends in cs.exe|llisapi.dll the livelink oscript code sees what the auth method is it is most likely "OTDS" then it says OK I am going to transfer the call to OTDS

    in your case the CS server is on TC I believe in that system even on windows "contexts" matter case wise so you need to trap authentication difficulties by doing some research on the case. Cookies issued by servers are notorious in cases so in a windows/IIS offering you can call a server like HTTP:myserver/OTCS/llisapi.dll or HTTP:myserver/otcs/llisapi.dll but in TC where your livelink server is running the context is of absolute significance it will reject anything it won't like :)

    all OTDS does is it takes your kerberos token and looks up the user in its DB and forwards it back to the original request. Once OTDS says it is a valid user the Oscript software crunches the token and figures out the user in this case if you logged into OTDS as the root otds user it will find 'Admin' that too is the case sensitive.CS database in an OTDS integration does not even care to look at a password :)

    so in closing check your user CaSE and other things what you end up doing is not how all of us use it the adminuserlogin is a specialized RH.

  • Oh okay, I see, thank you for the explanation, I do not have OTCS as a trusted site in OTDS, I will configure it though.

    Thanks again!