Skip to main content
emnoc
emnoc
New Member
January 17, 2014
Question

Fortimail unable to change " admin" account

  • January 17, 2014
  • 3 replies
  • 14061 views
Anybody ever seen a problem of NOT being able to delete the " admin" account via the gui or command line? running this config-version=FE-3KD-5.00-FW-build142-130821 and support has not been very helpful with my case that' s over 10days. The funny thing, all accounts are super_admin users profile, I can create any other account and modify the password or delete other super_admin_user profiles config system admin edit admin set password ENC $1$2dce5882$JeaA0/./0SsqUZUGBsuxJ. set access-profile super_admin_prof next And attempts to edit/delete that account " admin" fails, with a -37 error code. Any ideals?

    3 replies

    Bromont_FTNT
    Staff
    Bromont_FTNT
    Staff
    January 17, 2014
    The default " admin" account can' t be deleted.
    Bromont_FTNT
    Staff
    Bromont_FTNT
    Staff
    January 17, 2014
    Screenshot from the CLI admin guide:
    emnoc
    emnocAuthor
    New Member
    January 17, 2014
    That' s interesting and very bad. I don' t have access to <admin> password nor can i change it. You would think this would not the standard practice for fortinet. Here' s what notice something now & after reading your screenshot. On my other units, you get the following warning with you -37 that tells you it' s restricted. ( here I' m trying to delete it <admin> ) delete admin entry is restricted! <------ was output Command fail. Return code is -37 and here I' m trying to edit it (admin) # edit admin Command fail. Return code is -37 And the final problem, the auditors don' t want any standard login names installed on our security appliances; e.g ( no.....) admin admininstrator etc..... Thanks for the tip, I will share this with TAC and see what they tell me know. Also that last line is not correct, all of my units " super_admin_prof" accounts can reset and change any other account or delete any other accounts. They should re-write that.
    sotir1984
    sotir1984
    New Member
    February 28, 2018

    Hi,

     

    Again for future people to see this post and issue.

     

    "admin" account can't be deleted on FortiMail, and per TAC reply this is by design. You can't even edit the "admin" account while your are logged in with other "super admins". You can only change it whilst logged in with "admin" itself. So never forget your "admin" password.

     

    -1984-

    emnoc
    emnocAuthor
    New Member
    February 28, 2018

    I wonder  if any new releases of FML os will change this behavior? I was working on a team that wanted to  strike any common "admin" accounts names ( admin Administrator root etc.....) and the FML was one item that could not be changed. FortiOS and the  fortigates does allowed you to rename the admin account and delete it btw.

     

     

    Terms & ConditionsAccessibility statement