Steps to decrypt the password of “Weblogic user” if the password is unknown/not working in EBS R12.2

Recently, after the refresh of EBS environment from Production - DBA forgot the Weblogic admin user that was set.

Here are the complete steps to decrypt the  password of “WebLogic user” if the password is unknown /not working in EBS R12.2

Step 1:

cd  $EBS_DOMAIN_HOME/security

vi decrypt_password.py 

from weblogic.security.internal import *

from weblogic.security.internal.encryption import *

encryptionService = SerializedSystemIni.getEncryptionService(".")

clearOrEncryptService = ClearOrEncryptedService(encryptionService)

# Take encrypt password from user

pwd = raw_input("Paste encrypted password ({AES}fk9EK...): ")

# Delete unnecessary escape characters

preppwd = pwd.replace("\\", "")

# Display password

print "Decrypted string is: " + clearOrEncryptService.decrypt(preppwd)

Step2: Source wls environment file:

. $FMW_HOME/wlserver_10.3/server/bin/setWLSEnv.sh

Step3: Get the encrypted password from boot.properties.

grep password $EBS_DOMAIN_HOME/servers/AdminServer/security/boot.properties | sed -e "s/^password=\(.*\)/\1/"

Step4 : Execute the custom script “decrypt_password.py” to decrypt the weblogic password

In $EBS_DOMAIN_HOME, execute the custom script created in Step1. When prompted for input while executing the script, Please provide the encrypted password retrieved in Step3.

java weblogic.WLST decrypt_password.py

output of the script will be similar to below:

[applmgr@testenv security]$ java weblogic.WLST decrypt_password.py

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

Paste encrypted password ({AES}fk9EK...): {AES}PVXB/uhJyeFDjoJmFqZHg8k+vW6/hACDcP6KugEmGX4=

Decrypted string is: *******

Happy Learning!