Recovering admin password? Can't login: Credentials were rejected

[cbe...@gopivotal.com]

Has anyone encountered a situation where 

% cf login -u admin -p <value_from_uaa> fails with "Credentials were rejected, try again"?

If I run with tracing, it is in fact getting a 401, Unauthorized. And if I login to the UAA vm I can see the authentication failing. One aggravating factor being that if you have so many failed logins within a certain interval, the user gets locked out (for how long, I do not know).

A possibly related (but possibly not) issue is that when I'm logged in as a user that has the ORG_MANAGER role for the organization, the command

% cf org-users <org>

failed with ORG MANAGER FAILED. Failed fetching org-users for role

Server error status code 403, error code: access_denied, message: invalid token does not contain resource id (scim) ORG MANAGER

Is there any "easy" way to recover the admin password? I can only imagine that things are going to start failing in even greater ways if the stored admin password doesn't work.

[Aristoteles Neto]

On the deployment manifest, set 

properties:

  uaa:

    scim:

      user:

        override: true

      users:

      - admin|password|scim.write,scim.read,openid,cloud_controller.admin,clients.read,clients.write

I think this will allow you to reset your admin password.

Re: cf org-users, from memory only admin users had that capability (could be wrong). There was a discussion around making it possible for org-members/managers to be able to see users in their org, but not sure what the state of it is.

Aristoteles Neto

ne...@orcon.net.nz

--
You received this message because you are subscribed to the Google Groups "Cloud Foundry Developers" group.
To view this discussion on the web visit https://groups.google.com/a/cloudfoundry.org/d/msgid/vcap-dev/7b2ad3c9-319d-4946-9162-1da91188917a%40cloudfoundry.org.

To unsubscribe from this group and stop receiving emails from it, send an email to vcap-dev+u...@cloudfoundry.org.