Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Fortimail unable to change " admin" account
Anybody ever seen a problem of NOT being able to delete the " admin" account via the gui or command line?
running this config-version=FE-3KD-5.00-FW-build142-130821 and support has not been very helpful with my case that' s over 10days.
The funny thing, all accounts are super_admin users profile, I can create any other account and modify the password or delete other super_admin_user profiles
config system admin
edit admin
set password ENC $1$2dce5882$JeaA0/./0SsqUZUGBsuxJ.
set access-profile super_admin_prof
next
And attempts to edit/delete that account " admin" fails, with a -37 error code.
Any ideals?
PCNSE
NSE
StrongSwan
PCNSE
NSE
StrongSwan
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The default " admin" account can' t be deleted.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
That' s interesting and very bad.
I don' t have access to <admin> password nor can i change it. You would think this would not the standard practice for fortinet.
Here' s what notice something now & after reading your screenshot. On my other units, you get the following warning with you -37 that tells you it' s restricted.
( here I' m trying to delete it <admin> )
delete admin
entry is restricted! <------ was output
Command fail. Return code is -37
and here I' m trying to edit it
(admin) # edit admin
Command fail. Return code is -37
And the final problem, the auditors don' t want any standard login names installed on our security appliances;
e.g ( no.....)
admin
admininstrator
etc.....
Thanks for the tip, I will share this with TAC and see what they tell me know.
Also that last line is not correct, all of my units " super_admin_prof" accounts can reset and change any other account or delete any other accounts. They should re-write that.
PCNSE
NSE
StrongSwan
PCNSE
NSE
StrongSwan
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Again for future people to see this post and issue.
"admin" account can't be deleted on FortiMail, and per TAC reply this is by design. You can't even edit the "admin" account while your are logged in with other "super admins". You can only change it whilst logged in with "admin" itself. So never forget your "admin" password.
-1984-
-1984-
-1984-
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I wonder if any new releases of FML os will change this behavior? I was working on a team that wanted to strike any common "admin" accounts names ( admin Administrator root etc.....) and the FML was one item that could not be changed. FortiOS and the fortigates does allowed you to rename the admin account and delete it btw.
PCNSE
NSE
StrongSwan
PCNSE
NSE
StrongSwan