You can also set the login attempts/retries to "10" instead of the default "3", so locking out your admin account i.e. is not "so easy".
I think the command is something like - set system login retries 10 or - set system login attempts 3 Sorry, it's already late for me ;-), was a long day. Kind regards, Markus Sent via iPhone. On 19.02.2012, at 22:46, "Kaiser, Markus" <[email protected]> wrote: > Hi again, > > Update is recommended as well, but not necessary now to regain access to the > device. > > But you need to do at least one reset, if possible. There's also a way > without resetting the device, but there you need to run a properly configured > radius server (with right filter-id radius attribute to be sent back to the > switch) and NetSight Policy Manager to configure the radius server and radius > managment login via SNMP on the device. That's a little bit more > work/complicated. > > Now to the easier way, with one reboot needed. > > Basically you.....backup your G3 configuration, either with NetSight > Inventory Manager Archive Management (via SNMP) or via the RW login and a > tftp server by issuing the commands > > - show config outfile configs/<filename> > - copy configs/<filename> tftp://<tftp server ip>/<filename> > > ...then you delete the line with "set system login admin disable" from the > file, save the file, copy it back to the device by > > copy tftp://<tftp server ip>/<filename> configs/<filename_new> > > then issue the > > - configure configs/<filename_new> > > command and say "yes" to reboot the device with the new config, which doesn't > include the "set system login admin disable" line, so you can login with > admin and enter again after successful reboot. > > This should work with the RW user. > > If you need help with the Inventory Manager way (reboot needed as well) or > Radius way, please let me know. > > It is also recommended to create a second super-user account on our devices > with a different username than admin, administrator or root i.e. and a > cryptic password, to be safe against brute-force attacks on those usernames, > which will be locked then normally. > > Kind regards, > > Markus > > > > Sent via iPhone. > > On 19.02.2012, at 22:16, "David J. Rodrigues" <[email protected]> wrote: > >> Hi, >> >> - At this moment the G3 is running "Rev 06.03.03.0008" firmware version. >> >> - Yes, I have snmp access to device >> >> - Yes, I have NetSight running >> >> - I can login with "rw" user, and looked at the config file (fresh generated >> now), and I could found, as you said, "set system login admin super-user >> disable"!!!!!!!! >> >> >> I must update firmware version so I can reset password, right? >> >> >> Thank you very much >> >> >> >> David Rodrigues >> >> >> >> -----Original Message----- >> From: Kaiser, Markus [mailto:[email protected]] >> Sent: domingo, 19 de Fevereiro de 2012 20:54 >> To: Enterasys Customer Mailing List >> Cc: Enterasys Customer Mailing List >> Subject: Re: [enterasys] G3 password reset >> >> Hi, >> >> what firmware version are you running on the G3? >> >> I think your problem is, that the admin account is "disabled", but with no >> password set now. >> >> Means, in your configuration you will find a line like >> >> "set system login admin disable" >> >> This is the reason why you can't login. >> >> There is a "fix" in the late 6.03.xx firmware versions, which not only >> resets the password of the admin account, also all super-user accounts will >> be re-enabled by pressing the PW reset button. >> >> >> Some questions: >> >> Firmware version? >> >> Do you (still) have snmp access to the device? >> >> Do you have NetSight Inventory Manager installed, even if only with >> evaluation license? >> >> Is the read-write account, user "rw" (with no password or "rw" as password >> still activated on the device? >> >> >> Kind regards, >> >> Markus >> >> >> Sent via iPhone. >> >> On 19.02.2012, at 21:42, "David J. Rodrigues" <[email protected]> wrote: >> >>> Hello all, >>> >>> For a strange reason i can't login with "admin" user. It doesn't accept the >>> password. >>> I've tried to reset password, pressing the button on the back side of the >>> switch, but didn't work! >>> I connected console cable and did it again (so I can see debug messages). >>> When I press reset button, a message confirms that button was pressed, but >>> no password reset (blank password not accepted)! >>> >>> What should I do? >>> >>> >>> David Rodrigues >>> --------------------------------------------------------------------------------------------------------------------------------------------------------- >>> E-MAIL DISCLAIMER >>> >>> This message contains confidential information and is intended only for the >>> individual named. If you are not the named addressee you should not >>> disseminate, distribute or copy this e-mail. Please notify the sender >>> immediately by e-mail if you have received this e-mail by mistake and >>> delete this e-mail from your system. >>> >>> E-mails are not encrypted and cannot be guaranteed to be secure or >>> error-free as information could be intercepted, corrupted, lost, destroyed, >>> arrive late or incomplete, or contain viruses. The sender therefore does >>> not accept liability for any errors or omissions in the contents of this >>> message which arise as a result of e-mail transmission. If verification is >>> required please request a hard-copy version. >>> >>> This e-mail and any files and attachments transmitted with it are >>> confidential and may be legally privileged. They are intended solely for >>> the use of the intended recipient. Any views and opinions expressed are >>> those of the individual author/sender and are not necessarily shared or >>> endorsed by ANA Aeroportos de Portugal S.A. or any associated or related >>> company. In particular e-mail transmissions are not binding for the >>> purposes of forming a contract and do not form a contractual obligation of >>> any type. Such contracts can only be formed in writing by post or fax, duly >>> signed by a senior company executive or members of the Board of Directors. >>> >>> The content of this e-mail or any file or attachment transmitted with it >>> may have been changed or altered without the consent of the author. If you >>> are not the intended recipient of this e-mail, you are hereby notified that >>> any review, dissemination, disclosure, alteration, printing, circulation or >>> transmission of, or any action taken or omitted in reliance on this e-mail >>> or any file or attachment transmitted with it is prohibited and may be >>> unlawful. >>> >>> If you have received this e-mail in error please notify ANA Aeroportos de >>> Portugal S.A. or any of its associated companies. >>> >>> Visit our website at http://www.ana.pt<http://www.ana.pt/> >>> >>> ANA - Aeroportos de Portugal, SA >>> Sede _ Rua D, Edificio 120, Aeroporto de Lisboa _ 1700-008 Lisboa >>> NIF e Matricula na Conservatoria do Registo Comercial de Lisboa (1a): >>> 500700834 _ Capital Social 200 000 000 Euros >>> >>> --- >>> To unsubscribe from enterasys, send email to [email protected] with the >>> body: unsubscribe enterasys [email protected] >> >> --- >> To unsubscribe from enterasys, send email to [email protected] with the body: >> unsubscribe enterasys [email protected] >> --------------------------------------------------------------------------------------------------------------------------------------------------------- >> E-MAIL DISCLAIMER >> >> This message contains confidential information and is intended only for the >> individual named. If you are not the named addressee you should not >> disseminate, distribute or copy this e-mail. Please notify the sender >> immediately by e-mail if you have received this e-mail by mistake and delete >> this e-mail from your system. >> >> E-mails are not encrypted and cannot be guaranteed to be secure or >> error-free as information could be intercepted, corrupted, lost, destroyed, >> arrive late or incomplete, or contain viruses. The sender therefore does not >> accept liability for any errors or omissions in the contents of this message >> which arise as a result of e-mail transmission. If verification is required >> please request a hard-copy version. >> >> This e-mail and any files and attachments transmitted with it are >> confidential and may be legally privileged. They are intended solely for the >> use of the intended recipient. Any views and opinions expressed are those of >> the individual author/sender and are not necessarily shared or endorsed by >> ANA Aeroportos de Portugal S.A. or any associated or related company. In >> particular e-mail transmissions are not binding for the purposes of forming >> a contract and do not form a contractual obligation of any type. Such >> contracts can only be formed in writing by post or fax, duly signed by a >> senior company executive or members of the Board of Directors. >> >> The content of this e-mail or any file or attachment transmitted with it may >> have been changed or altered without the consent of the author. If you are >> not the intended recipient of this e-mail, you are hereby notified that any >> review, dissemination, disclosure, alteration, printing, circulation or >> transmission of, or any action taken or omitted in reliance on this e-mail >> or any file or attachment transmitted with it is prohibited and may be >> unlawful. >> >> If you have received this e-mail in error please notify ANA Aeroportos de >> Portugal S.A. or any of its associated companies. >> >> Visit our website at http://www.ana.pt<http://www.ana.pt/> >> >> ANA - Aeroportos de Portugal, SA >> Sede _ Rua D, Edificio 120, Aeroporto de Lisboa _ 1700-008 Lisboa >> NIF e Matricula na Conservatoria do Registo Comercial de Lisboa (1a): >> 500700834 _ Capital Social 200 000 000 Euros >> >> --- >> To unsubscribe from enterasys, send email to [email protected] with the body: >> unsubscribe enterasys [email protected] --- To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected]
