Resetting the JIRA administrator password
Sometimes, you might forget or lose the password to the account with the JIRA Administrator or JIRA System Administrator permission, and you cannot retrieve it using the password reset option. For example, suppose JIRA does not have an SMTP server configured or you restore JIRA from a data dump and do not know the account and/or password. In these cases, you need to reset the administrator password directly in the database.
Note
This recipe only applies to the JIRA instances that use the default internal user directory option. External user management, such as LDAP, will not work with this recipe.
Getting ready
As we will reset the password in JIRA's database, make sure you do the following:
- Connect to the JIRA database either via the command line or a
- Update the JIRA database
How to do it...
Let's assume we use the default mysql command-line tool and MySQL as the backend database for JIRA. If you are using a different database, you may need to change the following SQL statements accordingly:
- Connect to the JIRA database with a client tool by running the
mysql -u jirauser -p
command, wherejirauser
is the username used by JIRA to access the JIRA database. - You can find JIRA's database details from the
dbconfig.xml
file located inJIRA_HOME
. - Change to the JIRA database by running the
use jiradb
command, wherejiradb
is the name of JIRA's database. - Determine the groups that have the JIRA System Administrators global permission with the following SQL statement:
select perm_parameter from schemepermissions where PERMISSION=44;
- Find users that belong to the groups returned in STEP 4 by running the following SQL statement, where
jira-administrators
is a group returned from STEP 4:select child_name, directory_id from cwd_membership where parent_name='jira- administrators';
Note
The jira-administrators group is the default group that administrators belong to. You might get a different group if you customize the permission configurations.
The table column for the username is
child-name
. - Reset the user's password in the database with the following SQL statement, where admin is a user returned in STEP 5:
update cwd_user set credential='uQieO/1CGMUIXXftw3ynrsaYLShI+ GTcPS4LdUGWbIusFvHPfUzD7 CZvms6yMMvA8I7FViHVEqr6Mj4pCLKAFQ==' where user_name='admin';
- Restart JIRA to apply the change.
How it works...
With JIRA's internal user directory, all the user and group data is stored in the JIRA database. The value 44 is the ID of the JIRA System Administrators global permission.
If you do not know which groups or users are granted the JIRA System Administrators global permission, we will first have to find this information using STEP 4 and STEP 5. Otherwise, you can skip to STEP 6 in order to reset the password.
JIRA's user password information is stored in the cwd_user
table. As JIRA only stores the hash value of the password, we changed the user's admin password to uQieO/1CGMUIXXftw3ynrsaYLShI+GTcPS4LdUGWbIusFvHPfUzD7CZvms6yMMvA8I7FViHVEqr6Mj4pCLKAFQ==
, which is the UTF-8-encoded hash value of sphere.