Re: Jamie,There is a way to - Page 2

joergwesely · ‎03-01-2012

Hi all,

we need to check if the security password is documented correct for a CUCM 8.6 cluster.

Is there a way to validate a given security password like a CLI command "validate security password"?

The only way I know is setting up a system in the lab and check if I can restore a backup.

I know I can reset the security password, but that's something I want to avoid because it requires rebooting the servers.

Thank you in advance

Jörg

MitchWalton56803 · ‎11-08-2019

Jamie, thanks for the accurate information.

Sanadh Hussain · ‎06-10-2020

That's a good method to validate.

vrolive · ‎04-29-2021

Still works with CUCM12.5(1)SU4. THANK YOU!!

niterid3r · ‎10-09-2014

There is no official way of validating this but I found an unofficial way which worked for me.

Try to change the password with command ‘set password user security’
It will prompt you to type existing password
Then it will prompt you to type new password

If you enter the existing and new password the same and if the existing password is correct, it will give you an error ‘please use a password different from the existing one

Press Ctr-C for a forceful log out.

cerksies · ‎06-29-2015

FYI, this is not valid.

If you use the command "set password user security" and you type in anything for the "old password" and you type the same thing in for "new password" it will say that "old and new password are the same" - therefore it's not checking it against the current security password.

The post that gorourke posted below however IS valid.

AK007 · ‎06-09-2018

Hi niterid3r ,

The method you proposed is working and one of the BEST way to validate the security password of the system. I just want to add some test results as an evidence. I have personally tested this on my lab and also in the customer Environment.

***** This method is only for VALIDATING THE SECURITY PASSWORD. (i.e) The customer knows his security password but was unsure of whether it is correct or wrong ******

CUCM Version : 10.5.2.12900-14

Publisher CLI

===================================

login as: cucmadmin
cucmadmin@10.106.102.70's password:
Command Line Interface is starting up, please wait ...

Welcome to the Platform Command Line Interface

VMware Installation:
2 vCPU: Intel(R) Xeon(R) CPU E5-2698 v4 @ 2.20GHz
Disk 1: 110GB, Partitions aligned
6144 Mbytes RAM

admin:
admin:show version active
Active Master Version: 10.5.2.12900-14
Active Version Installed Software Options:
cmterm-ata190.1-2-2-003.k3.cop
cmterm-ata190-qed.1-2-2-003.k3.cop
admin:
admin:

admin:
admin:
admin:set password user security
Please enter the old password: *************
Please enter the new password: *************
Old and New password are the same.Please use a password different from the existing one

Please enter the new password:

=====================================

I know my Security password and I gave the same one for both OLD and NEW PASSWORD when prompted. Since both were same , the system prompted me to enter a different one. This is evident from the result above.

HENCE PROVED ...

Thanks niterid3r for sharing the same.

blatkinson · ‎11-09-2016

My results weren't quite as advertised, so I thought I'd share. Applies to CUCM 7.1.5.34063-1

This is what I found as the output when doing this trick, and guessing correctly the old password:

admin:set password user security
Please enter the old password: *********
Please enter the new password: ******** <--cisco123
Reenter new password to confirm: ******** <--cisco123
The Security password has now been reset <-- (well, not really, keep going)

WARNING:
Please make sure that the security password on the publisher is changed first.
The security password needs to be the same on all the cluster nodes,
or the publisher and subscriber(s) will not communicate.
After changing the security password on a cluster node, please restart that node.

Continue (y/n)?y

Please wait...

Executed command unsuccessfully
BAD PASSWORD: it is based on a dictionary word

This is what I saw when my password guess was wrong:

admin:set password user security
Please enter the old password: ***********
Please enter the new password: ********
Reenter new password to confirm: ********
The Security password has now been reset

WARNING:
Please make sure that the security password on the publisher is changed first.
The security password needs to be the same on all the cluster nodes,
or the publisher and subscriber(s) will not communicate.
After changing the security password on a cluster node, please restart that node.

Continue (y/n)?y

Please wait...

Executed command unsuccessfully
Password changed too soon

erikasasaki · ‎01-30-2018

I know this is an old thread, but recently had to find a way to get the security password for CUCM, CUC and CUIC in preparation for a restore and upgrade procedure. What we ended up doing is logging a TAC case. We were asked by the engineer to get the file /usr/local/platform/conf/platformConfig.xml and provide it to him. TAC was able to extract the security password from there and it worked.

Rishabh.Sankhala · ‎06-03-2019

You may follow the link to get all the details about password verification, change, methods etc.

https://www.cisco.com/c/en/us/support/docs/unified-communications/unified-communications-manager-callmanager/213527-changing-cucm-os-admin-and-security-pass.html

Pls. respond if this resolve the problem.

Liked it ?

How can I validate a security password on CUCM 8.6?