We have enabled the security for access to MFDS Administration by:
 
a. Creating a user under to DSADMIN group
b. specifying "Restrict administration access" under Configure > Security > MF Directory Server

Now when anyone trying to access MFDS Admin page (http://servername:86), they need to supply this user ID and password. We would like to know, in case we forget the user ID or password, is it possible to reset or retrieve the user ID/password?

There is no simple way to bypass or reset an Administrator password without being logged on as an administrator already.  Our suggestion is to have define a second user under the DSADMIN group, who could log on and perform the task or reset the password of the first user.  It is normally good practice to have more than one administrator defined for just this case.  It is also useful if the first administrator is unavailable, out of the office, off sick or on vacation etc.

MFDS Internal Security user data is now kept in usr.dat in the MFDS repository directory.  Customers should consider this an opaque file - it's not meant to be read or updated by anything other than MFDS.

But usr.dat generally cannot be used in isolation - the permissions and resource data that composes a users profile, as well as group membership, is spread across several inter-related files: ace.dat, prm.dat, and ugp.dat.  Again, these should be considered opaque and restricted files.

There are no tools available for editing usr.dat, ace.dat, prm.dat, and ugp.dat.  If you were to delete usr.dat all userids would be deleted, not just the administrator.  We do not recommend manually altering these files.