Every now and then you'll see one of your colleagues wondering around looking for a way into an existing Kentico Admin interface no one seems to have an account for. How do you get into the Administration interface without breaking anything?
If you've Googled yourself here because you're really locked out of an installation be sure to read the whole article first because the last solution is advised and the easiest!
So you've found yourself working on a Kentico implementation but don't have an account with access to the Admin interface. So what can you do to get in?
Find a colleague
Well first you'll start disturbing your colleague hoping they already have an account so they can create one for you too.
Although this might work, it does take some time and you'll disturb a lot of your hardworking colleague.
If you've just forgotten your password and do have an account you might be able to use the "Forget password" feature.
This works if the SMTP
server, the email template
and possibly the ResetPassword
page are configured correctly.
But what if you don't have an account, or if this doesn't work?
Modify records in the database directly
So you're out of options and think about 'hacking' yourself into Kentico by manipulating the database directly. You know you have an account but just don't seem to have the correct rights or password.
Kentico's user details are stored in multiple tables but you'll be needing the CMS_User
table. Find your user and update it right?
Modifying the database directly is always risky since you're getting around Kentico and it's quite easy to break your whole installation. Always create a Database backup first!
Although you should never
use plain text passwords, these are the easiest to update.
If the password was correct but you don't have admin powers you could check the boolean flag columns:
You will need an enabled
account with the UserIsGlobalAdmin
flags might prevent you from using the normal logon form.
If you don't have a user account available or for some reason they are all gone you could try inserting a new record. If you copy an account with Salt from an other installation remember the Salt
is calculated with use of the UserGUID so make sure to copy this also.
If only there was an easy, secure and Kentico "approved" way? What you probably don't know is that there is one!
Simply adding a AppSettings
key to the web.config will do the trick:
This is really an emergency key but will still use the Kentio API to create or update the user account. It will however leave some required fields empty, like full name.
The key will be automatically deleted from your web.config as soon as the Kentico application created the account, so no need to update your config again to remove it.
NOTE: Remember though that editing the web.config will usually trigger an application pool restart! So be careful if you use this in production environment.
Read more on Devnet : Forgotten+password