How to reset a user password from backend?
Step by Step Guide:
- A user with access to the SQL database is needed, with permissions to read/write
- Identify if the user requires the Host Admin password, or the Default Tenant password
- Provide the user with one of the below queries and execute them against the Orchestrator SQL database
- Note that executing the queries will flag the password as requiring a reset, and that they will need to change the password on the next login.
Note: Take a backup of the following tables, before applying any changes.
[%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[AspNetUsers] [%UIPATH ORCHESTRATOR DATABASE NAME%].[dbo].[Users] Example of backup script: SELECT * INTO [%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[AspNetUsers_backup] FROM [%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[AspNetUsers] SELECT * INTO [%UIPATH ORCHESTRATOR DATABASE NAME%].[dbo].[Users_backup] FROM [%UIPATH ORCHESTRATOR DATABASE NAME%].[dbo].[Users]
Also, the below examples are built around the username admin, but this can apply for any local user.
Scenario 1: From 2020.10.X (Valid till October October 2023, until the product version will be deprecated)
- Firstly, take a backup, before applying any changes.
- Use below SQL to reset the password of admin user under Default tenant to 890iop
UPDATE [%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[AspNetUsers] Set PasswordHash='ALWTidnzgaDN04zwfIjlx3ogbXNNer7/QbO9y3Q4LV/MLY+2TaazMLEggpO8/b7/Kg==', IsFirstLogin = 1 where Email = 'admin@defaulttenant.com'
- Use below SQL to reset the password of admin user under host tenant to 3edcVFR$
UPDATE [%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[AspNetUsers] Set PasswordHash='AK3FINpqU/VzL+c+VL8mbk9wH35Y22bnTnGlLcAq8KKNqj2pN+3bv0+V0qoSKLIANg==', IsFirstLogin = 1 where Id = (SELECT anu.Id FROM [%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[AspNetUsers] anu join [%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[Partitions] p on p.Id = anu.MasterPartitionId join [%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[Tenants] t on t.PartitionId = p.Id where UserName = 'admin' and t.Name = 'host' )
Scenario 2: From version 2021.10.X
UPDATE [%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[AspNetUsers] Set PasswordHash='AQAAAAEAACcQAAAAEE92wFlfbActGWlMDurx8dVnK6ow+1/1rsSv2PMudrjtmODVnTtGLIZnDiwiPI0cFQ==', IsFirstLogin = 1 where Name = 'Organization' and Surname = 'Administrator'
Use below SQL to reset the password of admin user under host tenant to 3edcVFR$
UPDATE [%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[AspNetUsers] Set PasswordHash='AQAAAAEAACcQAAAAEM7SbuQy+SNIgiCPR3eXHFAdcty6IuSmvOTW2QcUYpTc/ISr7/4iSVR1LE67AuY4qQ==', IsFirstLogin = 1 where Id = (SELECT anu.Id FROM [%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[AspNetUsers] anu join [%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[Partitions] p on p.Id = anu.MasterPartitionId join [%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[Tenants] t on t.PartitionId = p.Id where UserName = 'admin' and t.Name = 'host' )
From 2022.10.0 till 2023.4
Use below SQL to reset the password of admin user under Default tenant to 890iopqa
UPDATE [identity].[AspNetUsers] Set PasswordHash='AQAAAAEAACcQAAAAEE92wFlfbActGWlMDurx8dVnK6ow+1/1rsSv2PMudrjtmODVnTtGLIZnDiwiPI0cFQ==', IsFirstLogin = 1 where Name = 'Organization' and Surname = 'Administrator'
Use below SQL to reset the password of admin user under host tenant to 3edcVFR$
UPDATE [%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[AspNetUsers] Set PasswordHash='AQAAAAEAACcQAAAAEOoO5VkBsWT3B18NaO5kgh9PQCOMGkXchD9+7nhwpmbSy0uVs9UbQOyg0M0XXu9ZJQ==', IsFirstLogin = 1 where Id = (SELECT anu.Id FROM [%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[AspNetUsers] anu join [%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[Partitions] p on p.Id = anu.MasterPartitionId join [%UIPATH ORCHESTRATOR DATABASE NAME%].[identity].[Partitions] t on t.Name = p.Name where UserName = 'admin' and t.Name = 'host' )
Note: This approach is not recommended, since any wrong changes in the database would pull the entire Orchestrator website down. Make sure that the correct hash value is given and in correct field.
Also, this approach may work or may not as HASH key value depends on the encryption & decryption key.