$ grep "Administrator initial password" var/log/midpoint.log (1)
2024-01-24 11:21:35,392 [] [main] WARN (com.evolveum.midpoint.init.DataImport): Administrator initial password (except double quotes): "Ec5s !f7a" (2)Administrator Initial Password
|
Since 4.8.1
This functionality is available since version 4.8.1.
|
Since version 4.8.1 MidPoint distribution does not come with default administrator password 5ecr3t, but rather provides several ways to set initial password or if initial password is not set, password is generated.
Using Generated Password
If clean installation of midPoint is started without any configuration for initial password, during first run of midPoint password will be generated and printed out in the logs.
To obtain it, you should start your midPoint instance and search logs for Administrator initial password.
The password may contain spaces, so it is enclosed with double qoutes. Do not forget to remove qoutes.
| after first login to Administrator account change the password, or disable built-in administrator, because initial password may still be present in logs or environment variables after some time. |
Obtaining password from logs:
| 1 | Searching logs using grep for initial password |
| 2 | The initial password is Ec5s !f7a (you should copy it without leading and trailing qoutes) |
Setup of initial password
Initial password must conform to default password policy, otherwise administrator user will not be created.
You can configure initial password:
-
Using environment variable (recommended way)
Default Password Policy
Default password policy is stricter since midPoint 4.8.1 and following are the requirements for password:
-
length: 8 - 14 characters
-
at least one uppercase letter
-
at least one lowercase letter
-
at least one number
-
you can use also special characters
Using environment variable
Setting initial password using environment variable provides most possibilites and it is also compatible also with Docker conventions.
You need to set environment variable MP_SET_midpoint_administrator_initialPassword to value of initial password.
| This is useful for developers also, they can configure their environment variables to store default midPoint password so it will not change with any new run. |
Shell
export MP_SET_midpoint_administrator_initialPassword=Test5ecr3t
bin/midpoint.sh startDocker Examples
Docker
docker run evolveum/midpoint ... -E MP_SET_midpoint_administrator_initialPassword=Test5ecr3t ...Docker Compose
version: "3.3"
services:
midpoint:
image: evolveum/midpoint
environment:
MP_SET_midpoint_administrator_initialPassword: Test5ecr3t
...Using java property
It is possible to also set default initial password using java property midpoint.administrator.initialPassword.
bin/midpoint.sh start -Dmidpoint.administrator.initialPassword=Test5ecr3tUsing config.xml
If any of previous methods does not work for you, it is possible to setup initial password using config.xml, which contains also other infrastructure passwords.
-
config.xml
<configuration>
<midpoint>
....
<administrator>
<initialPassword>xml5ecr3t</initialPassword>
</administrator>
</midpoint>
</configuration>
Was this page helpful?
YES
NO
Thanks for your feedback