Hi All,
In the event that the admin user needs to be reset on the FDM, the following procedure can be followed. One basic requirement is an existing user with which to log in, and that user must have conf privileges.
Once you have logged in via external authentication, you can perform the actual magic to reset the admin user's password.
First we need to access the Linux shell and elevate our access rights: type expert, then elevate via sudo -i followed by the external authentication password, in other words the same password used to access SSH itself.
Once our privileges have been elevated, the fun can begin and we can reset the administration password.
Type passwd admin
You will then be asked for your new password. Type in the one you wish to use in the future; a confirmation prompt will follow to ensure that the passwords match.
> expert
ava-ftd01:~$ pwd
/ngfw/Volume/home/bob-admin <--- Verify I am logged in as external user
ava-ftd01:~$ sudo -i
Password: <Password-of-bob-admin-ext-user>
root@ava-ftd01:~# passwd admin
New password: <New-admin-password>
Retype new password: <New-admin-password>
passwd: password updated successfully
root@ava-ftd01:~#
Once this has been done, you have successfully recovered/reset the admin password, and you should be able to initiate another SSH session to the FTD and log in as “admin” with your new password.
> expert
admin@ava-ftd01:~$ pwd
/home/admin <--- Verify I am logged in as admin user
Notes
Once reset with root privileges, the new password will only work on first access. To make this change permanent, it is necessary to log back onto the Firewall MGMT and reset the password again using the following command:
> configure password
It will first ask you for the password you have just reset and then for the new one.
We have tested this procedure on a Cisco FPR1140 with version 7.2.9.
Regards
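
To audit that this reset took place (or to notice one nobody planned), the script below scans syslog-style auth records for a sudo to root by a non-admin user followed shortly by a password change for admin. It is an added example, not part of the original post or any Cisco tooling; it assumes the stock Linux sudo and pam_unix log line formats, the sample log lines are constructed, and whether and where a given FTD release writes these records is an assumption to verify on the device.

```shell
#!/bin/sh
# Added example: correlate "sudo to root" with "password changed for admin".
# Assumed input: syslog lines in the stock sudo / pam_unix(passwd) formats.

# Constructed sample log; hostname and user names follow the transcript above.
sample_log() {
cat <<'EOF'
Jan 10 09:14:02 ava-ftd01 sshd[4121]: Accepted password for bob-admin from 192.0.2.10 port 50122 ssh2
Jan 10 09:14:40 ava-ftd01 sudo: bob-admin : TTY=pts/0 ; PWD=/ngfw/Volume/home/bob-admin ; USER=root ; COMMAND=/bin/bash
Jan 10 09:15:05 ava-ftd01 passwd[4188]: pam_unix(passwd:chauthtok): password changed for admin
Jan 10 11:30:00 ava-ftd01 passwd[5000]: pam_unix(passwd:chauthtok): password changed for admin
EOF
}

# usage: find_admin_resets [target_user] [window_seconds] < auth_log
find_admin_resets() {
  awk -v target="${1:-admin}" -v window="${2:-900}" '
    # Convert HH:MM:SS to seconds since midnight.
    function secs(hms,  t) { split(hms, t, ":"); return t[1]*3600 + t[2]*60 + t[3] }

    # sudo record: remember who last became root on each host, and when.
    $5 ~ /^sudo(\[[0-9]+\])?:$/ && /USER=root/ && $6 != target {
      who[$4] = $6; day[$4] = $1 " " $2; at[$4] = secs($3); next
    }

    # pam_unix record written when passwd succeeds for the target account.
    $5 ~ /^passwd(\[[0-9]+\])?:$/ && /password changed for/ && $NF == target {
      age = secs($3) - at[$4]
      if (($4 in who) && day[$4] == $1 " " $2 && age >= 0 && age <= window)
        printf "ALERT %s %s %s reset-by=%s via=sudo\n", $4, $3, target, who[$4]
      else
        printf "NOTE %s %s %s changed, no sudo to root in window\n", $4, $3, target
    }'
}

# Run against the constructed sample when executed directly.
sample_log | find_admin_resets
```

An ALERT line names the external account that performed the reset, which can be matched against the change record for the recovery; a NOTE line marks an admin password change with no preceding sudo to root inside the window.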