Yet another post about resetting the Admin password

Yet another post about resetting the Admin password

In the WDP packages you download from dev.sitecore.net/Downloads.aspx, you can find sample scripts for creating users for each database. You also find, a sample script for configuring the admin password.

The script is named SetSitecoreAdminPassword.sql and it is located in the file Sitecore 10.1.0 rev. 005207 (OnPrem)_single.scwdp (Sitecore 10.1). It is optimized to support different encryption methods.

declare @ApplicationName nvarchar(256) = 'sitecore'
declare @UserName nvarchar(256) = 'sitecore\admin'
declare @Password nvarchar(128) = 'PlaceHolderForPassword'
declare @HashAlgorithm nvarchar(10) = 'SHA1'
declare @PasswordFormat int = 1 -- Hashed
declare @CurrentTimeUtc datetime = SYSUTCDATETIME()
declare @Salt varbinary(16) = 0x
declare @HashedPassword varbinary(20)
declare @EncodedHash nvarchar(128)
declare @EncodedSalt nvarchar(128)

-- Generate random salt
while len(@Salt) < 16
begin
    set @Salt = (@Salt + cast(cast(floor(rand() * 256) as tinyint) as binary(1)))
end

-- Hash password
set @HashedPassword = HASHBYTES(@HashAlgorithm, @Salt + cast(@Password as varbinary(128)));

-- Convert hash and salt to BASE64
select @EncodedHash = cast(N'' as xml).value(
                  'xs:base64Binary(xs:hexBinary(sql:column("bin")))'
                , 'varchar(max)'
            ) from (select @HashedPassword as [bin] ) T

select @EncodedSalt = cast(N'' as xml).value(
                  'xs:base64Binary(xs:hexBinary(sql:column("bin")))'
                , 'VARCHAR(MAX)'
            ) from (select @Salt as [bin] ) T 

execute [dbo].[aspnet_Membership_SetPassword] 
   @ApplicationName
  ,@UserName
  ,@EncodedHash
  ,@EncodedSalt
  ,@CurrentTimeUtc
  ,@PasswordFormat

Some applications might need to change the hash algorithm type in the web.config file due to compliance reasons and it requires you to generate a different hashed password when resetting the admin account. This is why the script above is optimized for all scenarios.


Credits

Photo by Pixabay from Pexels.

comments powered by Disqus

Read more