27 Replies Latest reply on Dec 30, 2015 1:22 PM by wroot Branched to a new discussion.

    Openfire admin password



      I have a small problem, my openfire server has been running so well that I haven't needed to administer it for a while and have forgotten the admin password. This would be fine if I was using MySql as it would be easy to fix, but I have used the built in database.


      Would someone be able to give me a simple howto on how to reset this password.


      Many Thanks

        • Re: Openfire admin password

          Find the sparkweb.xml file in the Conf directory, open it in your favorite text editor and place the following:




          Where "joe" is any user you want to use as the admin. This will allow you to login with an account you know.


          If this doesn't work, open the same sparkweb.xml file, find the entry near the bottom that says <setup>true</setup> and change it to false.

          Stop and start the service, open the admin console and you will be prompted to begin the setup again. You previous settings will be saved and you can press "save & continue" for most settings. When it asks for the admin account, fix it there.

          • Re: Openfire admin password



            embedded-db-viewer.sh only seems to work if you have x enabled which I don't. Is there another way to change the database?


            Many Thanks

              • Re: Openfire admin password
                Daryl Herzmann


                I am not well versed with the embedded database, but I believe in the embeded-db folder, there is a openfire.script file, which contains the SQL commands for your database.  If you open it up with a text editor and search for a line containing admin and ofUser, you may find your password in plain text there.



              • Re: Openfire admin password

                I too am unable to access the web admin console. What happened to this feature compared to the older versions?


                I don't have the admin info listed in my openfire.xml file. any other ideas? Yes I am running the latest version. Just downloaded a couple days ago and set this up.




                • Re: Openfire admin password

                  With 3.6.0a, is it possible to add another authorized user to the openfire.xml file and have that new authorized user get sucked in to the database with a restart of openfire? (if it is, you could do that, get in and then start adjust admin user/passwords as needed).

                    • Re: Openfire admin password

                      As stated before, edit the conf/openfire.xml file with the red text...


                      <!-- root element, all properties must be under this element -->
                          <!-- Disable either port by setting the value to -1 --> 


                      This will REPLACE the existing admin account.

                      Once you get into the Admin console, you can edit the Server Properties and change the admin account, or add another with a comma separator.


                      I have done this several times with 3.6.0a...

                        • Re: Openfire admin password



                          This worked for me. Like many others I seem to have an Openfire server that keeps forgetting passwords.


                          version 6.3.6, about 3 days old. Not too impressed.

                          • Re: Openfire admin password



                            I tried that on my 3.6.0a server and then went to the admin gui and typed jimuser with no password and it didn't let me in.  (I copied and pasted your text and then stopped and started openfire).   We use ldap integration with AD normally so is it possible this didn't work because it still tried to use ldap/ad for authentication?   I'm basically looking for a way to get into the admin gui when the ldap/ad piece is hosed up so I can reconfigure to get it working.




                              • Re: Openfire admin password

                                Been there, done that many times. If you brick your ldap configured server, you can't just add an admin account to the openfire.xml to get access. If your ldap stuff is horqued, then it will not find the user you added to the xml file.


                                The only recourse is to change the <setup>true</setup> to false and restart your server. Reconnect and run through mr wizzard again.



                              • Re: Openfire admin password
                                Thomas Wilson

                                Unfortunately this did not work for 3.10.3.  Matter of fact of all the past admin console reported issues/fix none have worked.  I have updated the PLAIN PASSWORD in the ofUser table in the database (MySQL - local) no dice.  I have entered in the code that was presented by oxymoron.





                                I even left jimuser as the user - nada.  So I am stuck.  with 3.10.3 is there a method to reset the admin password so I can get in the console or am I just screwed blued and tattooed? 





                            • Re: Openfire admin password

                              Helo Everyone,


                              I just installed Openfire for the first time.  We have a Red Hat server, so I went with the openfire-3.6.4-1.i386.rpm.  It installed fine with no errors.  It started fine.  I went to the browser interface and configured it fine.  I chose to use the embedded database and default group system.  However, when I went to log in it told me that my username or password were incorrect.  I have tried the solutions offered on this thread and none of them have worked.


                              Interestingly, when I tried to run the embedded viewer I got this error:


                              <root@server> sh embedded-db-viewer.sh
                              Starting embedded database viewer...
                              Exception in thread "main" java.lang.NoClassDefFoundError: org.hsqldb.util.DatabaseManagerSwing
                                 at gnu.java.lang.MainThread.run(libgcj.so.7rh)
                              Caused by: java.lang.ClassNotFoundException: org.hsqldb.util.DatabaseManagerSwing not found in gnu.gcj.runtime.SystemClassLoader{urls=[], parent=gnu.gcj.runtime.ExtensionClassLoader{urls=[], parent=null}}
                                 at java.net.URLClassLoader.findClass(libgcj.so.7rh)
                                 at gnu.gcj.runtime.SystemClassLoader.findClass(libgcj.so.7rh)
                                 at java.lang.ClassLoader.loadClass(libgcj.so.7rh)
                                 at java.lang.ClassLoader.loadClass(libgcj.so.7rh)
                                 at gnu.java.lang.MainThread.run(libgcj.so.7rh)


                              I made sure that I have gcc-java installed (4.1.2-48).  Is there something else I need?  Is my whole setup broken?

                              • Re: Openfire admin password

                                I openfire.xml appears in the administrator name ... I add it?


                                That is what I get in my openfire.xml



                                  <?xml  version="1.0" encoding="UTF-8" ?>
                                    This file stores bootstrap properties needed by Openfire.
                                    Property names must be in the format: "prop.name.is.blah=value"
                                    That will be stored as:
                                    Most properties are stored in the Openfire database. A
                                    property viewer and editor is included in the admin console.
                                 root element, all properties must be under this element 
                                - <jive>
                                - <adminConsole>
                                 Disable either port by setting the value to -1 
                                 Network settings. By default, Openfire will bind to all network interfaces.
                                      Alternatively, you can specify a specific network interfaces that the server
                                      will listen on. For example, This setting is generally only useful
                                       on multi-homed servers. 
                                - <connectionProvider>
                                • Re: Openfire admin password

                                  Strange... I could not log in to Admin Console even after your suggestions.


                                  I'm using WAMP on localhost so I did this:

                                  1) Opened "openfire" database in PHPMyAdmin

                                  2) Opened "ofuser" table

                                  3) Found (at install time generated user) "admin"

                                  4) Edited cell in column (at install time created) "plainPassword"

                                  4a) New password was entered

                                  5) Login was successfull [username: admin / password: see 4a)]


                                  Please do file a bug-report on this one.



                                  Since I'm running on localhost I do not have any certificates installed that should break the functionallity - or?

                                  • Openfire admin password

                                    I found out that if you do not have openfire tied to AD, then the default login is "admin" and the password you entered during setup. By default is has nothing to do with the email address you entered at setup - like you'd think it would. This is still on Openfire 3.7

                                    • Re: Openfire admin password

                                      If you can access the database, please open the table named ofproperty, then find out the record

                                      "admin.authorizedJIDs" and its propvalue is "admin@gauss-pc".


                                      That means only admin can login the admin panel.


                                      So you can add another jid(make sure you know its password )  in it,  For example "admin@gauss-pc,test1@gauss-pc".


                                      Restart openfire service,


                                      Login in admin panel via the account which you just added.

                                      • Re: Openfire admin password
                                        Mohsin Raza

                                        this method will work for External Database (i.e. Mysql).

                                        I was using openfire with external Mysql database and forgot the admin password


                                        then I followed these steps to successfully reset my passwrod:


                                        1. used OpenFire Blowfish Class for password encryption (also attaching the code below)
                                        2. go to your openfire mysql database (in phpmyadmin)
                                        3. in Db go to "ofProperty" table and look for passwordKey->value (copy past this key for later use
                                        4. also updated "admin.authorizedJIDs" with admin@vps.server.com (i.e: username@domain) in "ofProperty" table
                                        5. recover now with OpenFire Blowfish Class:

                                        ======================OpenFire Blowfish.php===========================





                                        * Emulate OpenFire Blowfish Class


                                        class OpenFireBlowfish


                                            private $key;

                                            private $cipher;


                                            public $enckey = "acE1v7A2L0MdjuS"; //Hidden Encryption Key of Openfire BlowFish

                                            public $enciv = '';



                                            function __construct($pass)


                                                $this->cipher = mcrypt_module_open('blowfish','','cbc','');

                                                $ks = mcrypt_enc_get_key_size($this->cipher);

                                                $this->key = pack('H*',sha1($pass));




                                            function encryptString($plaintext, $iv = '')


                                                if ($iv == '') {

                                                    $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($this->cipher));


                                                else {

                                                    $iv = pack("H*", $iv);


                                                mcrypt_generic_init($this->cipher, $this->key, $iv);

                                                $bs = mcrypt_enc_get_block_size($this->cipher); // get block size

                                                $plaintext = mb_convert_encoding($plaintext,'UTF-16BE'); // set to 2 byte, network order

                                                $pkcs = $bs - (strlen($plaintext) % $bs); // get pkcs5 pad length

                                                $pkcs = str_repeat(chr($pkcs), $pkcs); // create padding string

                                                $plaintext = $plaintext.$pkcs; // append pkcs5 padding to the data

                                                $result = mcrypt_generic($this->cipher, $plaintext);


                                                return $iv.$result;




                                            function decryptString($ciphertext)


                                                $bs = mcrypt_enc_get_block_size($this->cipher); // get block size

                                                $iv_size = mcrypt_enc_get_iv_size($this->cipher);

                                                if ((strlen($ciphertext) % $bs) != 0) { // check string is proper size



                                                $iv = substr($ciphertext, 0, $iv_size); // retrieve IV

                                                $ciphertext = substr($ciphertext, $iv_size);

                                                mcrypt_generic_init($this->cipher, $this->key, $iv);

                                                $result = mdecrypt_generic($this->cipher, $ciphertext); // decrypt

                                                //echo var_dump(unpack('c*',$iv))."\n";

                                                $padding = ord(substr($result,-1)); // retrieve padding

                                                $result = substr($result,0,$padding * -1); // and remove it


                                                return $result;




                                            function __destruct()







                                        // Test OpenFire Blowfish Class

                                        $enckey = "paste your openfire passwordKey"; //paste your openfire Db passwordKey copied in poin# 3

                                        $enciv = '';



                                        $a = new OpenFireBlowfish($enckey);



                                        $encstring = bin2hex($a->encryptString('password',$enciv)); //enter your password string to encrypt it

                                        echo "Encrypted Password string:".$encstring . "<br>";



                                        echo "Original Password string:".$a->decryptString(pack("H*", $encstring)) . "<br>";








                                        6. now run this file on your local webserver and copy the encryptedPassword string

                                        7. now go to "ofUser" table in openfire database and replace the encryptedPassword string in your "ofUser" Table against your admin username.



                                        8. restart your server that can be done from WHM (forcerestart/graceful restart)

                                        9. after restarting server refresh your openfire page (http://xxx.xxx.xxx.xxx:9090/ or http://domain.com:9090 ) and login using username and password that you used for encryption



                                        this method will work for External Database Mysql.