Does anyone have any suggestions on how to use Ansible to get around the admin initial password change of a brand new FortiGate?
We stage dozens of FortiGates a quarter in an isolated manner. Having to manually enter in the admin password first doesn't truly make this approach "zero-touch". We've been searching and trying with Ansible, but I'm missing something?
Thanks in advance for any help you can provide!
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
So, I'm not sure if this is the preferred way of doing this... but... I was able to figure it out by doing the following.
HOSTS:
[fortigates]
fortigate_pr ansible_host=192.168.1.99 ansible_user="admin" ansible_password=""
[fortigates:vars]
ansible_network_os=fortinet.fortios.fortios
fortigate_admin_password="password123"
YAML:
Hi there:
Can you please try the following and let me know if that works ?
Thank you,
Hope.
Actually, that's been the URL I've been working off of.
Again, this is a brand new FortiGate. No passwords have been set. I'm sure I'm missing something or doing something wrong. To give you an idea of what I'm trying:
HOSTS:
[fortigates]
fortigate_pr ansible_host=192.168.1.99 ansible_user="admin" ansible_password=""
[fortigates:vars]
ansible_network_os=fortinet.fortios.fortios
YAML:
---
- hosts: fortigates
connection: httpapi
collections:
- fortinet.fortios
vars:
vdom: "root"
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
tasks:
- name: Configure Admin User.
fortios_system_admin:
vdom: "{{ vdom }}"
state: "present"
system_admin:
name: "admin"
password: "password123"
ERROR:
TASK [Configure Admin User.] ********************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ansible.module_utils.connection.ConnectionError: Wrong credentials. Please check
So, I'm not sure if this is the preferred way of doing this... but... I was able to figure it out by doing the following.
HOSTS:
[fortigates]
fortigate_pr ansible_host=192.168.1.99 ansible_user="admin" ansible_password=""
[fortigates:vars]
ansible_network_os=fortinet.fortios.fortios
fortigate_admin_password="password123"
YAML:
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1546 | |
1030 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.