Video Screencast Help

Lost database password

Created: 12 Mar 2010 • Updated: 21 May 2010 | 10 comments
This issue has been solved. See solution.

I lost the password to my database.
RU5 with embeded database.

Does anybody know if the password listed in this file
C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Server Private Key Backup\server_<datestamp>.xml
is really the password to the embedded database?  Is it DES encrypted? 

- <parameter>
  <name>username</name>
  <value>DBA</value>
  </parameter>
- <parameter>
  <name>password</name>
  <value>{DES}snipped</value>
  </parameter>

Comments 10 CommentsJump to latest comment

Rafeeq's picture

you need to enable php loggin in and then you can get your password 

follow this document

http://www.symantec.com/connect/articles/how-find-database-password-odbc

if you want to change it follow this document

http://service1.symantec.com/support/ent-security.nsf/docid/2008011823355248


ohio_navigator's picture

I saw that article earlier and already gave it a try.   But the password listed in the error message is truncated to the first 15 characters.   I verified thats whats happening on another on another SEPM server where I know the password.   I use passwords that are much longer than 15 characters so that article is not going to solve my problem.

So thats why I am wondering if the password listed in the file I referenced above is actually the password to the embedded database ??  

Rafeeq's picture

 its encrypted ,you cannot have it in plain text.

Symantec World's picture

Hi Rafeeq,

First of all Thanks for both article info provided.

Is there any way to recover the encrypted password?

Regards, M.R

Rafeeq's picture

you can use this document, however the string is getting trucated , if you are not using the lenghty password you can use this document

http://www.symantec.com/connect/articles/how-find-database-password-odbc 

Rafeeq's picture

Hello  

I found the way of recovering your password without getting truncated, Sent you a PM
let me know if it was helpful.

the password i used was 30 char long..

SOLUTION
offurrocker's picture

How about the solution to this that actually worked? I'm in the same boat with a lost encryption password that is long.

Thanks in advance...

ohio_navigator's picture

Kudos (and any points) for this solution should  go to Rafeeq.

Instructions:
1. Login to the SEPM where you need to recover the password.

2. It is not necessary to stop any services, and to be best of my knowledge these procedures do no interrupt communication between the manager and clients.

3. Start -> Run: odbcad32

   a. Click the System DSN tab

   b. Select the SymantecEndpointSecurityDSN and then click the Configure button

      i. Click the Database tab

      ii. In the Database File field it should llike this:
      C:\Program Files\Symantec\Symantec Endpoint Protection Manager\db\sem5

      iii. Change the “sem5” at the very end to “SEM”

   c. Click OK to exit from the ODBC configuration program

4. Make a backup copy of C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Php\php.ini

5. Right-click on the C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Php\php.ini file and select Properties

   a. Uncheck read-only

6. In notepad open C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Php\php.ini

   a. Modify the following lines to read:
   display_errors = On
   display_startup_errors = On

7. Save and close php.ini

8. Make a backup copy of C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\Reporting\Common\connectdb.php

9. Right-click on C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\Reporting\Common\connectdb.php and select Properties

   a. Uncheck read-only

10. In notepad open C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\Reporting\Common\connectdb.php

   a. Search for the word “catch”. It will be in several places, but only two of those places will look like this:

   } catch (Exception $e) {
   $dpwd = "";
   throw $e;
   }

   b. In both places where you found the above add one additional line so that it looks like this:

   } catch (Exception $e) {
   echo "GOT IT - this is your password for database !!! {$dpwd}";
   $dpwd = "";
   throw $e;
   }

11. Save and close connectdb.php

12. In Internet Explorer go to http://localhost:8014/reporting
Note modify your port number in the URL as appropriate.

   a. Login using your SEPM administrator credentials

   b. After a few seconds an error message (dump) will be displayed. Look for “GOT IT” and your password will be displayed at the end of that line.

13. The last step is to undo all the changes you made. Be sure to set both files back to read-only. Also change the name of the database used by the ODBC DSN.

Symanticus's picture

is this the password for accessing the SEP mgr. console or the database connection to the embedded DB ?

/* Infrastructure Support Engineer */