João Neto's Blog

Yet another post about resetting the Admin password


In the WDP packages you download from dev.sitecore.net/Downloads.aspx, you can find sample scripts for creating users for each database. You can also find a sample script for configuring the admin password. The script is named SetSitecoreAdminPassword.sql and is located in the file Sitecore 10.1.0 rev. 005207 (OnPrem)_single.scwdp (Sitecore 10.1). It is optimized to support different hash algorithms.

declare @ApplicationName nvarchar(256) = 'sitecore'
declare @UserName nvarchar(256) = 'sitecore\admin'
declare @Password nvarchar(128) = 'PlaceHolderForPassword'
declare @HashAlgorithm nvarchar(10) = 'SHA1'
declare @PasswordFormat int = 1 -- Hashed
declare @CurrentTimeUtc datetime = SYSUTCDATETIME()
declare @Salt varbinary(16) = 0x
declare @HashedPassword varbinary(20) -- 20 bytes = SHA1 digest; widen to 32 (SHA2_256) or 64 (SHA2_512) if @HashAlgorithm changes
declare @EncodedHash nvarchar(128)
declare @EncodedSalt nvarchar(128)

-- Generate random salt (rand() is not a cryptographic generator; CRYPT_GEN_RANDOM(16) is the T-SQL alternative)
while len(@Salt) < 16
begin
    set @Salt = (@Salt + cast(cast(floor(rand() * 256) as tinyint) as binary(1)))
end

-- Hash password
set @HashedPassword = HASHBYTES(@HashAlgorithm, @Salt + cast(@Password as varbinary(128)));

-- Convert hash and salt to BASE64
select @EncodedHash = cast(N'' as xml).value(
                  'xs:base64Binary(xs:hexBinary(sql:column("bin")))'
                , 'varchar(max)'
            ) from (select @HashedPassword as [bin] ) T

select @EncodedSalt = cast(N'' as xml).value(
                  'xs:base64Binary(xs:hexBinary(sql:column("bin")))'
                , 'VARCHAR(MAX)'
            ) from (select @Salt as [bin] ) T 

execute [dbo].[aspnet_Membership_SetPassword] 
   @ApplicationName
  ,@UserName
  ,@EncodedHash
  ,@EncodedSalt
  ,@CurrentTimeUtc
  ,@PasswordFormat

Some applications might need to change the hash algorithm type in the web.config file for compliance reasons, which requires you to generate the password hash with a different algorithm when resetting the admin account. This is why the script above is optimized for all scenarios.
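
An added example, not part of the original post or of Sitecore's package: a Python model of the value the script stores, checked against a login-side recomputation, showing that with @HashedPassword declared as varbinary(20) a SHA2_256 or SHA2_512 hash is stored truncated unless the declaration is widened. Assumptions: the membership provider compares against the full digest of salt + UTF-16LE password for these unkeyed algorithms; the function names and the sample salt and password are constructed for illustration.

```python
import base64
import hashlib
import hmac
import secrets

# T-SQL HASHBYTES algorithm names -> hashlib names
TSQL_TO_HASHLIB = {"SHA1": "sha1", "SHA2_256": "sha256", "SHA2_512": "sha512"}


def membership_hash(password: str, salt: bytes, algorithm: str = "SHA1") -> bytes:
    """Digest of salt || UTF-16LE(password), as HASHBYTES computes it in the script."""
    data = salt + password.encode("utf-16-le")  # nvarchar cast to varbinary is UTF-16LE
    return hashlib.new(TSQL_TO_HASHLIB[algorithm], data).digest()


def script_output(password, salt, algorithm="SHA1", hash_width=20):
    """Model the script: the digest is held in varbinary(hash_width), so a longer
    digest is cut to that width before Base64 encoding. Returns (hash, salt)."""
    digest = membership_hash(password, salt, algorithm)[:hash_width]
    return base64.b64encode(digest).decode(), base64.b64encode(salt).decode()


def verify(password, encoded_hash, encoded_salt, algorithm="SHA1") -> bool:
    """Login-side check (assumed behaviour): recompute the full digest and compare."""
    salt = base64.b64decode(encoded_salt)
    expected = membership_hash(password, salt, algorithm)
    return hmac.compare_digest(expected, base64.b64decode(encoded_hash))


if __name__ == "__main__":
    salt = secrets.token_bytes(16)            # constructed sample salt from a CSPRNG
    password = "Constructed-Sample-Passw0rd"  # constructed sample, not a real credential
    cases = (("SHA1", 20), ("SHA2_256", 20), ("SHA2_256", 32), ("SHA2_512", 64))
    for alg, width in cases:
        h, s = script_output(password, salt, alg, hash_width=width)
        ok = verify(password, h, s, alg)
        print(f"{alg:9} varbinary({width}): login verifies = {ok}")
```

Run against a test database, the same comparison can confirm that the Password and PasswordSalt values written by aspnet_Membership_SetPassword decode to the digest length the configured algorithm produces.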


Credits

Photo by Pixabay from Pexels.

 