How to reset the knimeadmin password from the CLI

Hi there,

how can I reset the knimeadmin password from the CLI. I cannot use the webinterface because I don’t know the current password. However, I have CLI access to the machine the server runs on.

My auth config is as follows:

<Realm className=“org.apache.catalina.realm.DataSourceRealm” dataSourceName=“H2UserDatabase” roleNameCol=“ROLE_NAME” userCredCol=“USER_PASS” userNameCol=“USER_NAME” userRoleTable=“USER_ROLES” userTable=“USERS”>

<CredentialHandler algorithm=“SHA-256” className=“org.apache.catalina.realm.MessageDigestCredentialHandler”/>


KR Andreas

Hi Andreas,

It’s possible to manually reset the database. Under Linux you can run a script something like. Note that you’ll need to edit the script to reflect the correct locations (and the new password) in your case:


set -x

# Location of this script.

# tomcat home directory

# db parameters

# construct db query
newpassword=$($tomcat_home/bin/ -a sha-256 $newpassword)

echo "update users set user_pass='$newpassword' where user_name='knimeadmin';" > $location/dbscript

chown knime:knime $location/dbscript

# manipulate db
java -cp $tomcat_home/lib/h2*.jar -url $dburl -script $location/dbscript

# delete script file
rm dbscript

exit 0

Hi Jon,

thanks a lot for this code snippet!! It worked perfectly.

One note for other people who run into this situation: before running Jon’s script, you need to stop KNIME server as the database can only be used from one application at a time.



This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Hi all,

in case anyone wants to reset the knimeadmin password on Windows, this .bat script may work, or at least serve as a starting point for your own script. Please make sure to shut down the KNIME Server before changing it’s files on disk.

REM Variables you should edit.
SET CATALINA_HOME=C:\knime_server\apache-tomcat-9.0.58

REM db parameters
SET H2_LIB=%CATALINA_HOME%\lib\h2-1.4.199.jar
SET dburl=jdbc:h2:%CATALINA_HOME%\conf\userconf

REM construct db query
REM run our password through Tomcat's digest.bat
FOR /F "tokens=*" %%g IN ('%CATALINA_HOME%\bin\digest.bat -a sha-256 %NEW_PASSWORD%') DO (SET encpwd=%%g)
REM reduce result string to only the encrypted passsword
FOR /f "tokens=2 delims=:" %%A IN ("%encpwd%") DO SET encpwd=%%A

REM create sql statement to update user in a temporary file
ECHO update users set user_pass='%encpwd%' where user_name='knimeadmin'; > %~dp0\dbscript

REM manipulate db
java -cp %H2_LIB% -url %dburl% -script %~dp0\dbscript

REM delete temporary file
DEL %~dp0\dbscript

In both scripts (the Linux and Windows ones), you can also make it interactive where it can prompt for the password to be entered manually - that way you don’t have to delete the script and it can be re-used :wink: