I locked myself out from my Plone instance; what can I do?
I locked myself out from my Plone instance or need to reset my password without knowing my old one. Is there any way I can get access again?
Stop your Plone instance (if running). Then, go to your buildout directory and run the following command:
bin/instance adduser user1 password1
This will start Zope and add a manager user with the username 'user1' and the password 'password1'. You can now start your instance and log in with the user you just created. Note that if you try to create a user that already exists, it will fail silently.
The above assumes that your instance start script is called "instance", which is common for standalone installations. If you're using ZEO, you'll typically be using a client name, like 'client1':
bin/client1 adduser user1 password1
If your buildout names your instance or client parts differently, you will need to adjust the command to match.
If you're not using buildout to manage your Zope instance, try the following instead, from your instance directory:
bin/zopectl adduser user1 password1
If the above didn't work (try it first, it won't do anything if it's not supported), you might be using an old version of Zope.
You can create an "emergency user" that will let you into the system. To do this, you'll need the ability to create files in your $INSTANCE_HOME, and to restart Plone.
If this is the case, you can create a temporary user to reset your password with if you have filesystem access to the server your Plone is running on. Here's how:
Go to your Zope's INSTANCE_HOME directory. This is the same directory as the one where your 'Products' directory is located in. On Windows, this is c:\Program Files\Plone 2\Data\.
Run the zpasswd.py file with an argument of access.
This is located in Zope's bin directory. Remember that you need to qualify the path to your Python if it's not in your path. A typical example from Windows with full paths shown would look like this:
C:\Program Files\Plone 2\Data> ..\Python\python.exe ..\Zope\bin\zpasswd.py access Username: tempuser Password: Verify password: Please choose a format from: SHA - SHA-1 hashed password (default) CRYPT - UNIX-style crypt password CLEARTEXT - no protection Encoding: SHA Domain restrictions:
The approach on a typical Linux/UNIX or Mac OS X operating system would look like this:
$ python [your zope]/bin/zpasswd.py access
If you can't run zpasswd.py, you can also create the access file by hand. The simplest format is just a single line, in the format "username:password". In our example, that would be:
Restart your Zope, you should now have an account 'tempuser' that can log in and create a proper user for you inside the instance or reset your existing password. Please note that this temporary manager user cannot create content or do most actions -- they exist just for you to create a normal Manager user in the Zope acl_users folder.
Remember to delete the 'access' file you created after you're done -- leaving it around after you have fixed things is not a good idea, and might be a potential security risk, should someone come along and read this file.