Technical Tip: Recover access to FortiGate via FortiGate Cloud
| Description | This article describes a method to modify the administrator account when the admin access is lost to the FortiGate. This method requires FortiGate Cloud access, and the device must have a paid FortiGate Cloud subscription. |
| Scope | FortiGate. |
| Solution | Note: The legacy method to reset the password of the 'admin' account using the built-in 'maintainer' account to reset the administrator password was removed in FortiOS v7.2.4 and later, see Technical Tip: Removal of maintainer account feature.
Requirements:
Note: To purchase a FortiGate Cloud subscription, refer to the article below: Technical Tip: How to purchase FortiGate Cloud license via FortiCare
Navigate to FortiGate Cloud -> CLI scripts -> Script list -> Create new -> Run.
  
See FortiGate Cloud Administration Guide | CLI scripts for instructions on running CLI scripts.
To add a new administrator account, create and execute a new script using the following syntax:
config system admin
If the FortiGate is running a multi-VDOM configuration, use the following syntax instead:
config global
Alternatively, enabling the SSO FortiCloud administration access makes it possible to regain access to the FortiGate. Use the following syntax:
config system global set admin-forticloud-sso-login enable set admin-forticloud-sso-default-profile "super_admin" end
If the unit is not yet added to the FortiGate Cloud, but there is physical access to the unit, it is possible to add it with the FortiCloud key: FortiGate Cloud Administration Guide | Deployment
|