Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
kevchall
New Contributor

Login Problems 1000D authenticator

I have been on the box all day and after about 4 hours I could not log back in I keep getting this message.  trying to log in through admin just get message. Your account has been locked

Can someone help with this.

I have created a profile in the radius server and can log in through that but have no option in it.

 

Cant log in though CLI either just get same message. Your account has been locked

1 Solution
Carl_Windsor_FTNT

Looks like you have a lockout policy configured in Authentication > User Account Policies > Lockouts and have locked the account out due to too many incorrect passwords.  Do you have another admin account configured?  If not, try a password reset:

 

Connect a console cable then reboot the unit (or use the VM Console). As soon as the login prompt appears use the username “maintainer” and bcpb<Serial> as the password where the <Serial> is the case sensitive serial number of the unit.  I recommend you get ready with this to cut and paste as you need to do this within the 10 seconds of the appearance of the login prompt.  Once in there is a admin password reset command.

 

However, I am not 100% this will clear the lockout.   I would need to research some more but it is worth giving a shot in the mean time.

 

Carl

Dr. Carl Windsor Field Chief Technology Officer Fortinet

View solution in original post

2 REPLIES 2
Carl_Windsor_FTNT

Looks like you have a lockout policy configured in Authentication > User Account Policies > Lockouts and have locked the account out due to too many incorrect passwords.  Do you have another admin account configured?  If not, try a password reset:

 

Connect a console cable then reboot the unit (or use the VM Console). As soon as the login prompt appears use the username “maintainer” and bcpb<Serial> as the password where the <Serial> is the case sensitive serial number of the unit.  I recommend you get ready with this to cut and paste as you need to do this within the 10 seconds of the appearance of the login prompt.  Once in there is a admin password reset command.

 

However, I am not 100% this will clear the lockout.   I would need to research some more but it is worth giving a shot in the mean time.

 

Carl

Dr. Carl Windsor Field Chief Technology Officer Fortinet

Carl_Windsor_FTNT

Actually, I tested the latest release (3.3) and even when the admin password is entered incorrectly enough times to permenently lock a normal user, an admin account is only locked temporarily (60s) as expected.  Which version are you running?

Dr. Carl Windsor Field Chief Technology Officer Fortinet

Labels
Top Kudoed Authors