Staff & Editor

Technical Tip: FortiNAC CLI password recovery

Forum|Forum|7 years ago
September 28, 2018
0 replies
10844 views

Description

This article describes how to reset the root password for the CLI when it has been lost or forgotten. This procedure can be done on hardware and VM.

Note.

This procedure requires multiple reboots of the appliance.

Scope

CentOS 7

Solution

Access the CLI via a Keyboard and Monitor to the physical Appliance or the virtual machine console. Then proceed with the following steps (see the attached PDF for screenshot examples on the numbers 2-5):

1) Reboot appliance.

2) When a menu is presented that looks something like the following, select the option to edit (e).
CentOS Linux (3.10.0.-123...)
CentOS Linux, with Linux 3.10.0-123...
CentOS Linux, with Linux 0-rescue...

3) Use the cursor key to move down to the line that starts with the word "linux16".

4) Replace:
'ro' with 'rw'.
"console=ttyso,115200n8" with "rw init=/sysroot/bin/sh"
Note: "\" will automatically appear when text continues to the next line (to escape a line break character).

5) Press Ctrl-x to start on single user mode.
At this point, the appliance will boot into single-user mode. This will take 2-3 minutes.
At the end of the boot sequence, a '#' prompt will be presented.

Do the following to reset the root password...

6) Type
chroot /sysroot

7. Type
passwd root

8) Type
touch /.autorelabel

9) Type
exit

10) Reboot system
reboot

11) Login using the new root password.

12) Important: Once a known password has been created, reset the CLI password via the Configuration Wizard (https://fnac-IP:8443/configWizard).
For instructions, refer to the related KB articles below.
Use the newly created password as the existing password.