Restoring passwords to recover admin users

Use this document if you are unable to login as administrator or have forgotten your password and do not have Mail Server configured, to manually replace administrator passwords.

Follow the instructions for either the External Database or Embedded Database. If you have not configured a database, use the Embedded instructions.

External Database Instructions

Stage One - Identify User

The first user added is always an admin. To restore your password you simply need to update the password hash in the USERS table with the admin hash

Connect to your database using a database admin tool such as DBVisualiser. Please download a database admin tool now if you do not have one installed already. Once installed, connect to your database and retrieve the list of administrator usernames with:

select * from USERS where ID=1

This command should list all users who belong to Bamboo-Admin user group.

Stage Two - Replace Administrator Password

Bamboo does not store passwords in plain text in the database, but uses hashes computed from the original password. You instead cut and a paste a hash, rather than the plain password, over the existing password. Below is the hash for the password admin


To change the password to admin for a given username:

  1. Shutdown Bamboo
  2. Connect to your database. run this SQL on your database:select * from USERS where NAME='admin'If you are using LDAP integration for user managment (not only authentication) then your admin user will be in a different table. The SQL to run is:

    update USERS set PASSWORD = 'x61Ey612Kl2gpFL56FT9weDnpSo4AV8j8+qx2AuTHdRyY036xxzTTrw10Wq3+4qQyB+XURPWx1ONxp3Y3pB37A==' where NAME = 'USER_NAME_FROM_STAGE_ONE'
  3. Start Bamboo
  4. Login with your username and your password is now admin

(info) Bamboo Password Hashing

  • Before Bamboo 4.3.x the pure hashing method was used for which the hash of 'admin' is:
  • From Bamboo 4.3.x the salted hash is used which can be recognized by the PKCS. The hash for 'admin' using the new method is:
  • However, the old hash will still work for all Bamboo versions when manually inserted into the DB.

Embedded Database Instructions

Stage One - Identify Administrator

This guide assumes that the first user added was an administrator. If this is not the case, search for the admin username and find their user id number, then modify their password hash instead.

  1. Shutdown Bamboo
  2. In your Bamboo home directory, open \database\defaultdb.script file in a text editor
  3. Search for the text:


    To find the administrator login entry:


    Where the 1 is the user id number, and USERNAME and PASSWORD_HASH are actual values.
    As an example, my table entry for user admin with password admin looks like this;

INSERT INTO USERS VALUES(1,'admin','x61Ey612Kl2gpFL56FT9weDnpSo4AV8j8+qx2AuTHdRyY036xxzTTrw10Wq3+4qQyB+XURPWx1ONxp3Y3pB37A==','','2007-08-14 11:26:18.504000000','admin')
  1. This step makes adminthe administrator's password. Bamboo does not store passwords in plain text in the database, but uses hashes computed from the original password. The hash for the characters admin is below:


    Paste the admin password hash between the '' characters of their existing PASSWORD_HASH. The new administrator login entry should look like:

    INSERT INTO USERS VALUES(1,'USERNAME','x61Ey612Kl2gpFL56FT9weDnpSo4AV8j8+qx2AuTHdRyY036xxzTTrw10Wq3+4qQyB+XURPWx1ONxp3Y3pB37A==','EMAIL','DATE_TIME','FULL_NAME')

    Where USERNAME is the administrator username.

  2. Save the file
  3. Start up Bamboo
  4. Login with the administrator username and password admin


最終更新日: 2017 年 9 月 11 日





Powered by Confluence and Scroll Viewport.