Can't logon with admin after update from 2.1.16 to 2.1.17 #318

Closed
alarido opened this issue Apr 5, 2013 · 15 comments
@alarido

alarido commented Apr 5, 2013

Upgrade works fine without any error. I have restored backups and retried the upgrade, and I always have the same problem.

Once I have to logon as admin I get an error "Bad password for this account"

I have noticed before trying to logon password hash for the user in MySQL is there:

mysql> select * from teampass_users;
+----+-------+----------------------------------------------+------------------+----------+--------------------------------+----------------+----------------------------------------------+-------+-------------+-------------------+----------------+--------------+------------------------+------------+------------------------+-----------------+----------+-----------------+------------------------+-----------+-----------+---------------+------+----------+-------------+-----------------------+
| id | login | pw | groupes_visibles | derniers | key_tempo | last_pw_change | last_pw | admin | fonction_id | groupes_interdits | last_connexion | gestionnaire | email | favourites | latest_items | personal_folder | disabled | no_bad_attempts | can_create_root_folder | read_only | timestamp | user_language | name | lastname | session_end | IsAdministratedByRole |
+----+-------+----------------------------------------------+------------------+----------+--------------------------------+----------------+----------------------------------------------+-------+-------------+-------------------+----------------+--------------+------------------------+------------+------------------------+-----------------+----------+-----------------+------------------------+-----------+-----------+---------------+------+----------+-------------+-----------------------+
| 1 | admin | HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH= | | | | 1323820800 | HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH= | 1 | 1 | | 1365152585 | 0 | | | 1 | 0 | 0 | 3 | 1 | 0 | | english | NULL | NULL | | 0 |
+----+-------+----------------------------------------------+------------------+----------+--------------------------------+----------------+----------------------------------------------+-------+-------------+-------------------+----------------+--------------+------------------------+------------+------------------------+-----------------+----------+-----------------+------------------------+-----------+-----------+---------------+------+----------+-------------+-----------------------+
1 rows in set (0.00 sec)

But once I try to logon it has changed:

mysql> select * from teampass_users;
+----+-------+----------------------------------------------+------------------+----------+--------------------------------+----------------+----------------------------------------------+-------+-------------+-------------------+----------------+--------------+------------------------+------------+------------------------+-----------------+----------+-----------------+------------------------+-----------+-----------+---------------+------+----------+-------------+-----------------------+
| id | login | pw | groupes_visibles | derniers | key_tempo | last_pw_change | last_pw | admin | fonction_id | groupes_interdits | last_connexion | gestionnaire | email | favourites | latest_items | personal_folder | disabled | no_bad_attempts | can_create_root_folder | read_only | timestamp | user_language | name | lastname | session_end | IsAdministratedByRole |
+----+-------+----------------------------------------------+------------------+----------+--------------------------------+----------------+----------------------------------------------+-------+-------------+-------------------+----------------+--------------+------------------------+------------+------------------------+-----------------+----------+-----------------+------------------------+-----------+-----------+---------------+------+----------+-------------+-----------------------+
| 1 | admin | *0 | | | | 1323820800 | HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH= | 1 | 1 | | 1365152594 | 0 | | | 1 | 0 | 0 | 4 | 1 | 0 | | english | NULL | NULL | | 0 |
+----+-------+----------------------------------------------+------------------+----------+--------------------------------+----------------+----------------------------------------------+-------+-------------+-------------------+----------------+--------------+------------------------+------------+------------------------+-----------------+----------+-----------------+------------------------+-----------+-----------+---------------+------+----------+-------------+-----------------------+
1 rows in set (0.00 sec)

@patricklbs

Hi,
the same error occurs 2.1.7 - 2.1.17 on xampp windows. But on GNU/Linux CentOS, now when I want to upgrade 2.1.7 >> 2.1.17, at step 3 when it's the moment to store the famous sk.php, it appears "the directory must be writable" .... It is writable.
I don't know but I think a chmod 0777 or a+w directory is ok no ?? But I will open a new issue for this.
Thanks.

@fredyap1234

Hi, I have the same issue after upgrading from 2.1.15 to 2.1.17. Here's what I noticed.

  1. Password hash for admin user has changed after the upgrade.
  2. I manage to login once I update admin's password hash to the previous hash from database backup.
  3. However, once you disable maintenance mode and logout, you won't be able to login again as the hash has changed again.

Resetting regular admin's password via User Management page will not work as well. It keeps saying 'bad password' when you login.

@Raboo

Raboo commented Apr 8, 2013

same problem here..

@Raboo

Raboo commented Apr 8, 2013

Is there a way to reset the admin password without doing a re-install?

@nilsteampassnet
Owner

As the encryption is totally different, you should try to:

  • Clean the browser cache (for the domain corresponding to your TP domain)
  • Close the browser
  • Reopen and log in

@alarido
Author

alarido commented Apr 8, 2013

I have just tried that, and moreover I checked it using Chrome in incognito mode to make sure there was no cache messing things up; the hash is still changed to "*0" and I still can't log on to the site.

@nilsteampassnet
Owner

If you have this *0 appearing, something went bad with pw encryption.
Can you give me the content of sk.php file (you can change the salt value)?
You should have something like:

@define('SALT', 'YOUR_SALTKEY'); //Never Change it once it has been used !!!!!
@define('COST', '13'); // Don't change this.

I'm pretty sure it is missing COST define.

Have you taken the package from master trunk?

@alarido
Author

alarido commented Apr 8, 2013

Dear Nils,

As you pointed out, it's missing; these are the contents of my file:

Yes, I did. I have downloaded it again and compared the SHA1 hash with the previous download and they are exactly the same; can you check if it's the correct package, please?

SHA1: "0bbc191b8bfb7b186a8b8b967513b85afd8b364f"

Adding the COST line makes logon work again, thank you very much.

Regards

@dbmcgrew

dbmcgrew commented Apr 9, 2013

I encountered the same problem after upgrading from 2.1.15 to 2.1.17 (RHEL 5, using LDAP). If I disable LDAP, then I can use the new admin password just fine. But with LDAP enabled (i.e., so our users can log on), the new admin password never works.

Our sk.php was:

When I change the password, the pw value in the database is:
*0

And the new password does not work.

Then I changed the sk.php file to:

I still can't log on with the new password, but the pw value looks different:
$2y$13$mEohXY[snip]

And my sha1 for the downloaded zip file is the same as the one alarido posted.

Edit to add: There was an LDAP-related bug, in addition to the sk.php problem.
#320

@fredyap1234

Here's what I did.

If your pw hash value is "*0", simply update it with the old pw hash value from your previous backup SQL dump that you have prior to the upgrade procedure.

Also make sure that your sk.php file has the following value @define('COST', '13');

Try login as admin and you should be able to do so. From there on you can disable the maintenance mode and change the admin password.
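
A check for the two conditions reported in this thread (a `pw` value of "*0" and an sk.php without the COST define), as an added example that is not part of the original comments or of TeamPass's code. The function names and sample data are constructed for illustration; treating "*1" as a second failure marker and 04-31 as the valid cost range are assumptions taken from general crypt()/bcrypt behaviour, not from this page.

```python
import re

# Matches PHP lines such as: @define('COST', '13');
DEFINE_RE = re.compile(r"""define\(\s*['"](\w+)['"]\s*,\s*['"]([^'"]*)['"]\s*\)""")
# bcrypt string: prefix, two-digit cost, then 22-char salt + 31-char digest.
BCRYPT_RE = re.compile(r"^\$2[abxy]\$(\d{2})\$[./A-Za-z0-9]{53}$")
# Short "*" strings are crypt() failure markers, not password hashes.
FAILURE_TOKENS = {"*0", "*1"}


def check_sk_file(text):
    """Return a list of problems found in the text of sk.php."""
    # Ignore whole-line comments so a commented-out define does not count.
    lines = [l for l in text.splitlines() if not l.lstrip().startswith(("//", "#"))]
    defined = dict(DEFINE_RE.findall("\n".join(lines)))
    problems = [f"{name} is not defined" for name in ("SALT", "COST") if name not in defined]
    cost = defined.get("COST")
    if cost is not None and not (cost.isdigit() and 4 <= int(cost) <= 31):
        problems.append(f"COST {cost!r} is not a bcrypt cost (04-31)")
    return problems


def classify_pw(value):
    """Classify one value from the pw column of teampass_users."""
    if value in FAILURE_TOKENS:
        return "hash-failure"  # hashing failed; no password can match this row
    if BCRYPT_RE.match(value):
        return "bcrypt"
    return "other"  # legacy or unknown format, e.g. a pre-upgrade hash


def audit(sk_text, rows):
    """rows: iterable of (login, pw). Returns (sk.php problems, logins with a failed hash)."""
    broken = [login for login, pw in rows if classify_pw(pw) == "hash-failure"]
    return check_sk_file(sk_text), broken


# Constructed sample input modelled on the thread; not real data.
SK_BROKEN = "<?php\n@define('SALT', 'YOUR_SALTKEY');\n?>"
SK_FIXED = "<?php\n@define('SALT', 'YOUR_SALTKEY');\n@define('COST', '13');\n?>"
ROWS = [("admin", "*0"), ("user1", "$2y$13$" + "a" * 53)]

if __name__ == "__main__":
    print(audit(SK_BROKEN, ROWS))  # missing COST, admin row holds a failure marker
    print(audit(SK_FIXED, ROWS))   # sk.php is fine, but the admin row still needs a new hash
```

Fixing sk.php does not repair rows already overwritten with "*0"; those still need the old hash restored or the password set again, as described in the comment above.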

nilsteampassnet added a commit that referenced this issue Apr 9, 2013
#320 - Enabling LDAP prevents local admin login
#317 - server expected extensions are tested
#318 - Upgrade process badly creates sk.php file
@patricklbs

I do not have a chance with me it does not work better with your suggestion.
However, the upgrade 2.1.7 > 2.1.17 seems to work, too bad :(

@patricklbs

I don't know why it does not work for me! See the pictures from phpMyAdmin:

[Screenshots: 2013-04-17_16h51_39, 2013-04-17_16h51_56, 2013-04-17_16h52_02, 2013-04-17_16h52_17]

The sk file is correct. I don't understand why it's not possible to connect with the admin user? Because LDAP is on, you believe? Thanks

@dbmcgrew

We use LDAP. To get logins as admin to work after upgrading TeamPass from 2.1.15 to 2.1.17, I needed to add the COST line to sk.php as described above, and apply the patch described in issue #320

@patricklbs

Thanks a lot. I disable ldap since 2.1.13 and upgrade 2.1.17 and it's working. Have a nice day.

nilsteampassnet added a commit that referenced this issue Jul 26, 2013
#315 - jstree style.css badly referenced
#314 - Folder is not being deleted
#320 - Enabling LDAP prevents local admin login
#317 - server expected extensions are tested
#318 - Upgrade process badly creates sk.php file
#348 - Fix for undefined index "isAdministratedByRole"
#350 - Fix for Lock and delete user actions don't refresh page
#354 - Fix for removing folders
#359 - Fix for initial user password change complexity check
* Fix - no possibility to update a Role
* New - requested user password complexity shown when changing password
nilsteampassnet added a commit that referenced this issue Aug 15, 2013
#315 - jstree style.css badly referenced
#314 - Folder is not being deleted
#320 - Enabling LDAP prevents local admin login
#317 - server expected extensions are tested
#318 - Upgrade process badly creates sk.php file
#348 - Fix for undefined index "isAdministratedByRole"
#350 - Fix for Lock and delete user actions don't refresh page
#354 - Fix for removing folders
#359 - Fix for initial user password change complexity check
#371 - Fix for uploaded files corrupted
#291 - Fix to support openLDAP / posix style LDAP
#361 - Option to use login password as SALT key
* Fix - no possibility to update a Role
* Fix - editing users by clicking on the fields broken
* Fix - parse error in database errors log
* New - requested user password complexity shown when changing password
* New - option for deactivate client-server encryption (usage of SSL)
* New - in tree, new counters added (subfolders and items in subfolders
numbers)
* New language added - Catalan
nilsteampassnet added a commit that referenced this issue Aug 27, 2013
#315 - jstree style.css badly referenced
#314 - Folder is not being deleted
#320 - Enabling LDAP prevents local admin login
#317 - server expected extensions are tested
#318 - Upgrade process badly creates sk.php file
#348 - Fix for undefined index "isAdministratedByRole"
#350 - Fix for Lock and delete user actions don't refresh page
#354 - Fix for removing folders
#359 - Fix for initial user password change complexity check
#371 - Fix for uploaded files corrupted
#291 - Fix to support openLDAP / posix style LDAP
#361 - Option to use login password as SALT key
* Fix - no possibility to update a Role
* Fix - editing users by clicking on the fields broken
* Fix - parse error in database errors log
* New - requested user password complexity shown when changing password
* New - option for deactivate client-server encryption (usage of SSL)
* New - in tree, new counters added (subfolders and items in subfolders
numbers)
* New language added - Catalan
@Sailing74

For those like me discovering after ages that the admin account is no longer working, you can manually recover this by tweaking entries in the sql database: Just copy a working user entry, set the admin field to 1, change the username (so that it really is a different user), then log into TeamPass as this new admin, change the real admin's password (even to the same value it was before), and you're done (and can delete the newly created user again).
