Wired Intelligent Edge

 View Only
last person joined: yesterday 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Expand all | Collapse all

How can i remove admin account from my Aruba JL479A 8320 switch

This thread has been viewed 26 times
  • 1.  How can i remove admin account from my Aruba JL479A 8320 switch

    Posted Apr 01, 2022 10:08 AM
    Hi team,

    Can anyone help me out with how i can remove admin account from my Aruba JL479A 8320 switch, instead of using admin account i can only use the authorized user accounts.


    If this admin user can not be deleted ,is there any proper documentation for this please share with me for the reference.




    ------------------------------
    sanjib behera
    ------------------------------


  • 2.  RE: How can i remove admin account from my Aruba JL479A 8320 switch
    Best Answer

    MVP GURU
    Posted Apr 02, 2022 05:03 AM
    Hi Sanjib,

    Aruba AOS-CX 10.09 Security Guide for 8320, 8325, 8400, 10000 Switch Series (Edition 1, December 2021)



    ------------------------------
    Davide Poletto
    ------------------------------



  • 3.  RE: How can i remove admin account from my Aruba JL479A 8320 switch

    Posted Apr 02, 2022 11:17 PM
    Thanks, Parnassus

    For this help,
    One more thing i have an Aruba WLC Aruba7205 with an 8.5.0.6 firmware version it also has a default admin user can it be deleted or disabled?
    If there is any document please share it with me.



    ------------------------------
    sanjib behera
    ------------------------------



  • 4.  RE: How can i remove admin account from my Aruba JL479A 8320 switch

    EMPLOYEE
    Posted Apr 03, 2022 02:21 AM
    Hello, 
    The default mgmt user admin of AOS controllers cannot be removed, only non-default root users can be deleted.
    (WLC01) [mynode] (config) #show mgmt-user

    Default password recovery user: Enabled

    Management User Table
    ---------------------
    USER PASSWD ROLE STATUS PATH Max-concurrent-sessions
    ---- ------ ---- ------ ---- -----------------------
    admin ***** root ACTIVE / N/A
    manager ***** root ACTIVE / N/A
    (WLC01) [mynode] (config) #no mgmt-user admin
    Cannot Delete Default user admin.

    (WLC01) [mynode] (config) #no mgmt-user manager
    (WLC01) ^[mynode] (config) #write m



    There is an option to disable authentication using local accounts (including admin) when external RADIUS and TACACs servers are reachable. Have a look at page 890. Disabling Authentication of Local Management User Accounts

    https://support.hpe.com/hpesc/public/docDisplay?docId=a00072769en_us

    (WLC01) [mynode] (config) #show mgmt-user local-authentication-mode

    Local Authentication Mode: Enabled
    (WLC01) [mynode] (config) #no mgmt-user localauth
    (WLC01) ^[mynode] (config) #write m

    Saving Configuration...

    Configuration Saved.
    (WLC01) [mynode] (config) #show mgmt-user local-authentication-mode

    Local Authentication Mode: Disabled

    ------------------------------
    Emil Gogushev
    ------------------------------