If the admin password for internal ApacheDS server was mistyped when being changed, or simply forgotten, tibco-admin user may be locked out of BPM & the ApacheDS instance. As there is no way to recover the admin password, it is necessary to reset the system partition of the ApacheDS instance.
Environment
Any non-production BPM system (internal apacheds should not be deployed in Production system)
Resolution
To reset the system admin password for AMX/BPM internal ApacheDS server, use this procedure:
In Admin UI, go to Applications tab, expand & select amx.bpm.shared.sysapps/amx.bpm.apacheds
Stop this app
Go to the app's Substitution Variables tab, copy Local Value of workingDirectory
In a command shell (or file manager) go to that folder path, delete the subfolder named system
Back to Admin UI, Start the amx.bpm.apacheds application
On startup, ApacheDS will regenerate the 'system' partition with all default values. i.e. the admin user (uid=admin,ou=system) will have the default password "secret"
You can then use any suitable LDAP Client to connect to the ApacheDS instance as the admin user to change the password.
Note: this procedure is considered very low risk despite resetting the entire system partition, because:
User/group data should only exist in non-system partitions, which are not affected
Ordinarily, everything in system partition would be at default settings anyway (except the forgotten admin password!)
(Similar procedure can be used for an external ApacheDS instance, substituting the appropriate stop/start commands & configuration folder)
Issue/Introduction
How to reset mistyped/forgotten password for ApacheDS admin account