
Issues when updating admin password of an FMC-managed FTD via Ansible

vonnpiolo
Level 1

Hi.

We are currently facing issues when trying to automate the "admin" username via Ansible remote command execution.

We have a Cisco Firepower 2130 Threat Defense Version 7.4.2.2 (Build 28) which is managed via our FMC version 7.4.2.3.

Anytime we try to locally change the admin password (which works), then try to deploy a change done for that device through FMC, the local admin password gets overridden.

This also happens every time we run the Ansible module - it reverts back to an older password, even if it returns a successful message:

    "> expert",
    "CISCO-FTD:~$ sudo passwd admin",
    "Password: ",
    "New password: ",
    "Retype new password: ",
    "passwd: password updated successfully",
    "CISCO-FTD:~$ exit",
    "logout",
    "> exit",
    "Connection to CISCO-FTD_IP-ADDRESS closed."

I understand that the admin user in both FTD and FMC are independent from each other, but why does this happen?

4 Replies

Karen763Purvis
Level 1

Hello!

The issue you're facing is due to the Cisco Firepower Management Center (FMC) acting as the central authority for its managed devices. When you change the admin password locally on the Firepower Threat Defense (FTD) device using Ansible, it creates a discrepancy with the configuration stored on the FMC. Each time you deploy a policy from the FMC, it pushes its master configuration, which includes the old password, thereby overwriting your local change. To make the password change permanent, it must be managed and deployed from the FMC's interface, as any direct, local changes will be reverted.

It shouldn't, I've done it multiple times on different FTDs and never came across this issue. Out of interest, how would you change the FTD local admin password from the FMC?

Make sure the new password meets the FMC password policy (number of characters, upper or lower case, etc.).

MHM

When you push the change from the FMC, does it actually go through and apply to the FTD? Or does the change also get reverted back?
