Wireless Access

Reply
New Contributor
Posts: 3
Registered: ‎08-30-2007

I have a controller that has a password policy on it and I do not know the admin password.

I have logged in as password and tried to change the admin password but get the error:

 

Non-Compliant to Mgmt Passwrod Policy

Internal error occurred, Password validation failed

 

I've tried to reset the password by guessing comblinations of uppercase/lowercase/special characters/numbers but have had no success.

 

Does anyone have a suggestion of what else I might try?

Aruba
Posts: 1,644
Registered: ‎04-13-2009

Re: I have a controller that has a password policy on it and I do not know the admin password.

[ Edited ]

You can reset the password by consoling into the controller and following these steps:

 

 

User: password
Password: forgetme!
(aruba) >enable
Password: enable
(aruba) #configure terminal
Enter Configuration commands, one per line. End with CNTL/Z
(aruba) (config) #mgmt-user admin root
Password:
Retype password:
(aruba) (config) #exit
(aruba) #exit
(aruba) >exit


User: admin
Password:
(aruba) >enable
Password: enable
(aruba) #configure terminal
Enter Configuration commands, one per line. End with CNTL/Z
(aruba) (config) #enable secret
Password:
Re-Type password:
(aruba) (config) #write memory

 

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

MVP
Posts: 729
Registered: ‎12-01-2010

Re: I have a controller that has a password policy on it and I do not know the admin password.

Clembo,

 

I think OP tried that. If there's a password policy set, he must match it to set a new password.

I found a few other threads with the same experience, but none of them had an answer.

One did imply that he'd have to wipe the configuration.

 

Anyone know how to change or circumvent the policy?

--Matthew

if I've helped, please give kudos
if I've provided a solution, please mark the solution so others can find it
Aruba
Posts: 1,644
Registered: ‎04-13-2009

Re: I have a controller that has a password policy on it and I do not know the admin password.

Thanks Matthew, I see that now.

 

Try and run the following from the console:

 

 

User: password
Password: forgetme!
(aruba) >enable
Password: enable
(aruba) #show running-config | begin password-policy

 

This may show you the current password-policy for the mgmt users.   If so, try the procedure from ealier with the proper values.

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

New Contributor
Posts: 3
Registered: ‎08-30-2007

Re: I have a controller that has a password policy on it and I do not know the admin password.

I get the message:

 

You do not have permission to execute this show command.

 

Does this mean I need to wipe the configuration, if so how would I do that?

MVP
Posts: 1,404
Registered: ‎11-07-2008

Re: I have a controller that has a password policy on it and I do not know the admin password.

You will first have to reset the password for admin when you use 'password'forgetme!', the ONLY command you are allowed to run is the 

 

conf t

mgmt-user admin root

<resetpassword>

 

Then log out and back in with Admin and your new password (enable resets to 'enable') and then you can run whatever commands you want.

Jerrod Howard
Sr. Techical Marketing Engineer
Aruba
Posts: 1,296
Registered: ‎08-29-2007

Re: I have a controller that has a password policy on it and I do not know the admin password.

I came across this recently after I restored a customers configuration onto a lab controller.

 

I didn't know their admin password so went through the password recovery feature.  After that I couldn't reset the admin password due to password-policy.

 

The solution for me was to create a new mgmt-user and log in with that account.  You should then be able to view the config and password-policy.

 

User: password
Password: forgetme!
(aruba) >enable
Password: enable
(aruba) #configure terminal
Enter Configuration commands, one per line. End with CNTL/Z
(aruba) (config) #mgmt-user anotheruser root
Password:
Retype password:
(aruba) (config) #exit
(aruba) #exit
(aruba) >exit

If my post is helpful please give kudos, or mark as solved if it answers your post.

ACCP, ACMP, ACMX #294
mclarke@arubanetworks.com
New Contributor
Posts: 3
Registered: ‎08-30-2007

Re: I have a controller that has a password policy on it and I do not know the admin password.

When I try to reset the admin password it fails, because of a password policy:
User: password
Password: forgetme!
(aruba) >enable
Password: enable
(aruba) #configure terminal
Enter Configuration commands, one per line. End with CNTL/Z
(aruba) (config) #mgmt-user admin root
Password:
Retype password:
(aruba) (config) #exit
(aruba) #exit
(aruba) >exit

Non-Compliant to Mgmt Passwrod Policy
Internal error occurred, Password validation failed

 

When I try to create a new users, if fails, because of a password policy:
User: password
Password: forgetme!
(aruba) >enable
Password: enable
(aruba) #configure terminal
Enter Configuration commands, one per line. End with CNTL/Z
(aruba) (config) #mgmt-user anotheruser root
Password:
Retype password:
(aruba) (config) #exit
(aruba) #exit
(aruba) >exit

Non-Compliant to Mgmt Passwrod Policy
Internal error occurred, Password validation failed


When I try to see the password policy, it fails because I don't have permissions to run the command:
User: password
Password: forgetme!
(aruba) >enable
Password: enable
(aruba) #show running-config | begin password-policy

You do not have permissions to execute this show command

Aruba
Posts: 1,296
Registered: ‎08-29-2007

Re: I have a controller that has a password policy on it and I do not know the admin password.

do you have a flashbackup from this controller?


If my post is helpful please give kudos, or mark as solved if it answers your post.

ACCP, ACMP, ACMX #294
mclarke@arubanetworks.com
MVP
Posts: 1,404
Registered: ‎11-07-2008

Re: I have a controller that has a password policy on it and I do not know the admin password.

Are you trying to use an absurdly complex password? something like:

 

!QAZ2wsx#EDC4rfv1234QWERasdfZXCV

 

If that won't work, I'm not sure what your options are short of re-imaging the controller. But using an absurdly long complex password won't work, and without knowing the policy, I'm not sure what's left.

Jerrod Howard
Sr. Techical Marketing Engineer
Search Airheads
Showing results for 
Search instead for 
Did you mean: