When it comes to WAS, there is a way to change the administrative user account password even if you can't get into the console in the first place! You can do it if you have access to the operating system where WAS resides and have at least the permissions of the user that runs WAS (so it needn't be root).
Once you are logged in as that user, go to the WAS install directory, then to the profile config subdirectory, and find the cells subdirectory. Let's assume we installed WAS here:
In there you will find a nice security.xml file. Edit it. The first lines are:
<?xml version="1.0" encoding="UTF-8"?>
<security:Security xmi:version="2.0" xmlns:xmi="http://www.omg.org/XMI" xmlns:or
5.0/security.xmi" xmi:id="Security_1" useLocalSecurityServer="true" useDomainQua
lifiedUserNames="false" enabled="true" cacheTimeout="598200" issuePermissionWarn
ing="true" activeProtocol="BOTH" enforceJava2Security="false" enforceFineGrained
JCASecurity="false" appEnabled="true" dynamicallyUpdateSSLConfig="true" activeAu
thMechanism="LTPA_1" activeUserRegistry="WIMUserRegistry_1" defaultSSLSettings="
Now, notice the attribute enabled="true". This property says that administrative security is enabled for the console. So if you change the value to false - you disable it.
Easy? Not really - in order to use the new settings the server has to be restarted, and WAS will require a password for that. So unless you have a valid password you will not be able to log in. Fortunately you can deal with it by using the kill command on the WAS process. Just find the process using ps and grep for the WAS profile name.
Now start the server and log in using the standard URL without https (the standard URL is http://washost:9060/ibm/console). Just click the OK button; you don't have to specify a user, and you will see the console.
So you hacked it! Now let's change the password and enable the security. We won't do it with a file, just go to the security tab. How you change the password depends on your security realm settings. I'll write more about security and managing users on WAS in another post - basically you can do quite a lot in here.
Finally, don't forget to switch security back on and restart the server again. This scenario is easy for a standalone server. It gets more complicated with clustered, network-managed environments, but it also works with them. It just requires additional node synchronization and the correct order of operations to be effective.
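A defender's check for the change described above, as an added example that is not part of the original post: it parses security.xml, reports when the root element's enabled attribute is not true, and flags a file that group or others can write. The sample document, its placeholder namespace URI and the function names are assumptions made for this example.

```python
import os
import stat
import sys
import xml.etree.ElementTree as ET

# Constructed sample, reduced to the attributes discussed above; the
# namespace URI is a placeholder, not the one from a real security.xml.
SAMPLE = """<?xml version="1.0" encoding="UTF-8"?>
<security:Security xmlns:security="urn:example:placeholder"
    xmlns:xmi="http://www.omg.org/XMI" xmi:version="2.0"
    xmi:id="Security_1" enabled="{enabled}" appEnabled="true"/>"""


def admin_security_findings(xml_text):
    """Return findings for the root <security:Security> element."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [f"unparseable security.xml: {exc}"]
    findings = []
    if not root.tag.endswith("Security"):
        findings.append(f"unexpected root element: {root.tag}")
    enabled = root.get("enabled")
    if enabled is None:
        findings.append("root element has no 'enabled' attribute")
    elif enabled.strip().lower() != "true":
        findings.append(f"administrative security is off (enabled={enabled!r})")
    return findings


def audit_file(path):
    """Check the on-disk file: who may rewrite it, then its content."""
    st = os.stat(path)
    findings = []
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append(f"{path} is group/world writable "
                        f"(mode {stat.S_IMODE(st.st_mode):o})")
    with open(path, "rb") as fh:
        findings += admin_security_findings(fh.read())
    return findings


if __name__ == "__main__":
    # Usage: python audit.py <path to security.xml>; exit status 1 on findings.
    results = audit_file(sys.argv[1])
    print("\n".join(results) or "OK")
    sys.exit(1 if results else 0)
```

Run from a scheduled job or a file-integrity hook, a non-zero exit status gives an alert whenever the file is left with administrative security switched off.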