Cannot login to the Foglight web console as the foglight account has been locked out and/or the password has been forgotten
Error: Invalid username and/or password. Please try again.
OR
Error: The user account is locked.
There are two possible causes for this issue:
Cause 2 is addressed in the following solution KB ID 69467
Overview of steps:
Resetting the password for the foglight user in the foglight database will depend on what type of database being used to host the Foglight repository (Ex: MySQL, SQL Server or Oracle). See the procedure for each database type below:
Note: The SQL command assumes the foglight repository database is called "foglight". If the database is named something other than foglight, replace 'foglight.sec_user' with '[DB_NAME].sec_user'.
MySQL repository database (embedded or external):
For MySQL database the 'mysql' command line utility is used to make direct modifications to the MySQL database.
For embedded MySQL database, the command is located at FGLHOME/mysql/bin (If external MySQL database location, consult the MySQL DBA). From this directory location run the command to login:
mysql -u root -p -P13306
-u specifies the username (login as 'root' to perform this operation)
-p says to prompt for 'root' password.
-P specifies the port that MySQL database is running on. Default for this is13306 for the Foglight embedded MySQL database (consult the MySQL DBA to find the MySQL port number being used for an external MySQL database).
When prompted for the password, the default password for a MySQL embedded database is 'foglight'. The default password for an external MySQL database is blank (consult the MySQL DBA if the password has been changed from the default).
Once logged in to the MySQL database successfully (the prompt changes to 'mysql'), connect to the 'foglight' database:
mysql> connect mysql> use foglight mysql> connect
Once connected to the 'foglight' database, use the UPDATE command to update the password field in the database:
mysql> UPDATE foglight.sec_user SET password = '<!SHDATA[MD5$6b7e99e161441f5e144aea745ab4ebc2$2087a53c7bce3fd4a8e9e03852fd37cb5b341384e0453ec6', status = 'A', badpwdcount = 0 WHERE username = 'foglight';
This will reset the user 'foglight' with a password of: Password1!
Important: Restart the Foglight Management Service immediately after the UPDATE statement – this must be done BEFORE logging on because the previous password is cached and will be written back to the database if the Foglight Management Service is not restarted before attempting to log on.
Login as ‘foglight’ with the password: Password1!
Postgres repository database (embedded):
For Postgres database the 'psql' command line utility is used to make direct modifications to the Postgres database.
For embedded Postgres database, the command is located at FGLHOME/postgresql/bin (if external Postgres database location, consult the Postgres DBA). From that directory location run the command to set your code page setting, then enter psql.
chcp 1252 psql -U foglight -p 15432 -d foglight
-U specifies the username
-p defines the port that Postgres database is running on. Default for this is 15432 for a Foglight embedded Postgres database (consult the MySQL DBA to find the MySQL port number being used for an external MySQL database).
-d specifies the database name (as designated in the $FGLHOME/config/server.config file).
When prompted for the password, the default password for a Postgres embedded database is 'foglight'. Consult the Postgres DBA if the password has been changed from the default).
Once logged in the Postgres database successfully (the prompt changes to foglight=>).
Enter the UPDATE command to change the password field in the database:
foglight=> UPDATE foglight.sec_user SET password = '<!SHDATA[MD5$6b7e99e161441f5e144aea745ab4ebc2$2087a53c7bce3fd4a8e9e03852fd37cb5b341384e0453ec6', status = 'A', badpwdcount = 0 WHERE username = 'foglight';
This will reset the user foglight with password as: Password1!
To exit the psql utility.
foglight=> \q
Important: Restart the Foglight Management Service immediately after the UPDATE statement – this must be done BEFORE logging on because the previous password is cached and will be written back to the database if the Foglight Management Service is not restarted before attempting to log on.
Login as ‘foglight’ with the password: Password1!
External Postgres
psql -h localhost -d foglight -U foglight
select * from foglight.sec_user where username = 'foglight';
UPDATE foglight.sec_user SET password = '<!SHDATA[MD5$6b7e99e161441f5e144aea745ab4ebc2$2087a53c7bce3fd4a8e9e03852fd37cb5b341384e0453ec6', status = 'A', badpwdcount = 0 WHERE username = 'foglight';This will reset the user 'foglight' with a password of: Password1!
Oracle external database
Generally, external databases are outside of the scope of Foglight Support and have a on-site DBA which must be contacted for making security changes to the database. Essentially, the DBA has a preferred GUI or they have access to the Foglight repository database using the SQL*Plus Oracle command line utility for performing this operation. If using the SQL*Plus command line utility, SQL statements are the same across the databases. Working with the DBA, use the GUI tool for updating the Foglight account password or provide the UPDATE statement from the MySQL example:
UPDATE foglight.sec_user SET password = '<!SHDATA[MD5$6b7e99e161441f5e144aea745ab4ebc2$2087a53c7bce3fd4a8e9e03852fd37cb5b341384e0453ec6', status = 'A', badpwdcount = 0 WHERE username = 'foglight';
Important: Restart the Foglight Management Service immediately after the UPDATE statement – this must be done BEFORE logging on because the previous password is cached and will be written back to the database if the Foglight Management Service is not restarted before attempting to log on.
Login as ‘foglight’ with the password: Password1!
SQL Server external database
Generally, external databases are outside of the scope Foglight Support and have a on-site DBA which must be contacted for making security changes to their databases. Essentially, the DBA has a preferred GUI or they have access to the Foglight repository database using the 'SQL Server Management Studio' GUI or the 'sqlcmd' command line utility for performing this operation. If using the 'sqlcmd' command line utility, sql statements are the same across databases. working with the DBA, use the GUI tool for updating the Foglight account password or provide the UPDATE statement from the SQL Server example:
UPDATE foglight.sec_user SET password = '<!SHDATA[MD5$6b7e99e161441f5e144aea745ab4ebc2$2087a53c7bce3fd4a8e9e03852fd37cb5b341384e0453ec6', status = 'A', badpwdcount = 0 WHERE username = 'foglight';
Important: Restart the Foglight Management Service immediately after the UPDATE statement – this must be done BEFORE logging on because the previous password is cached and will be written back to the database if the Foglight Management Service is not restarted before attempting to log on.
Login as ‘foglight’ with the password: Password1!
Next Step:
Once the password has been successfully changed, and the 'foglight' account is able to login to the Foglight web console with the "Password1!" password, it can be modified:
The UPDATE sql statement explained:
UPDATE foglight.sec_user SET password = '<![HDATA[MD5$0cef1fb10f60529028a71f58e54ed07b', status = 'A', badpwdcount = 0 WHERE username = 'foglight';
foglight.sec_user = 'foglight' is the name of the database. sec_user is the name of the table where the user names/passwords are stored (security)
<![HDATA[MD5$0cef1fb10f60529028a71f58e54ed07b = MD5 encryption string which equates to the text string "Password1!"
status = 'A' - this means this is an Active, Enabled account
badpwdcount = 0 - this is resetting any bad logon attempts for this user account to 0
© ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center