Connectrix Brocade VDX: Recovering the ROOT and other users password for Brocade VDX switch.

           

   Article Number:     500563                                   Article Version: 4     Article Type:    How To 
   

 


Product:

 

Connectrix,Connectrix B-Series Hardware,Connectrix VDX-6740B,Connectrix VDX-6740T,Connectrix VDX-6940B

 

Instructions:

 

 

   

      To recover or reset all passwords for Connectrix Brocade VDX-6740B follow the procedure below:     
     
      Note that this procedure will show how to reset recover and reset the ROOT password and the possibility yo reset admin and non-default passwords.     
      Read this procedure first in full, to be able to understand the activity.     
     
      Use this procedure if you do not have access to the root account.     
      To reset the root password to its factory default value on a Brocade VDX switch, set a password for the admin account, and then restore nondefault user accounts, follow these steps:     
      You may need to disable the root account using the no root enable command.       
        ==================
     
      1. Establish a connection to the switch through the switch serial port using a terminal emulator. (the port with the "I0I0I" sign.)     
      2. Power-cycle the switch.     
      3. When prompted to Hit ESC to stop AutoBoot: press Esc. (due to latency of a remote connection, might want to press Esc multiple times.)     
      When Esc. is pressed the Boot PROM menu is displayed with the following options:     
     
      1) Start system. (Reboots the system.)     
      2) Recover password. (Generates a character string for your support provider to recover the Boot PROM password. Use this feature only when directed by technical support personnel. If the Boot Prom password is not set then continue to 4.)     
      3) Enter command shell: (Opens a command shell so you can reset all system passwords.)     
     
      For Example:     
      Checking system RAM - press any key to stop test     
      Checking memory address: 00100000     
      System RAM test terminated by keyboard     
      set_bootstatus: BS_LOAD_OS, platform_idx = 6     
      Hit ESC to stop autoboot: 0     
      1) Start system.     
      2) Recover password.     
      3) Enter command shell.     
      Option?     
     
      --------------------------------------------------------------------------------------------------------------------------------------------------------     
      NOTE:   

   
         
  •         If the ESC key is not effective during reboot, turn the power off and back on, and then try again.      
  •      
  •         If the ESC key is still not effective, check the serial console cable.      
  •      
  •         If the cable is connected correctly, then the unit must be returned for service or repair.     
  •    
   

      --------------------------------------------------------------------------------------------------------------------------------------------------------     
      4. Enter 3 at the prompt to open the command shell.     
      5. If the Boot PROM password has been set, you are prompted to enter it.     
      Note that:     
      The Boot PROM has a password only if one was defined. If the Boot PROM password has not been set, you will not be prompted to enter one.     
      ATTENTION If you are prompted to enter a new Boot PROM password, make sure it is at least 8 characters in length.     
      Do not select this option unless specifically instructed by support personnel.     
     
      For Example:     
      Boot PROM password has not been set.         
          =>
     
     
      Hit the ENTER key.     
      6. a. With the command printenv one can see the current environment options, this will show stored settings.     
     
          b. Append "S" to the boot arguments so that the switch boots into single-user mode, enter the command     
              setenv bootargs "root=/dev/sda1 rootfstype=ext4 quiet S"      
     
      For Example:     
      => setenv bootargs "root=/dev/sda1 rootfstype=ext4 quiet S"     
     
      7. Enter the printenv command to verify the change.     
      The following example highlights the field whose value you need to note.     
     
      For Example:     
      => printenv         
          AutoLoad=yes         
          LoadIdentifiers=Fabric Operating System;Fabric Operating System         
          OSLoadOptions=quiet         
          OSRootPartition=sda2;sda1         
          SkipWatchdog=yes         
          autoset_mac=true         
          baudrate=9600         
          bootargs=root=/dev/sda1 rootfstype=ext4 quiet S         
          bootcmd=execute_internal_bootcmd         
                (output truncated)
     
     
      8. Enter the saveenv command to save the changes.     
     
      For Example:     
      => saveenv         
          Saving Environment to Flash.....Done
     
     
      9. Enter the reset command to bring up the device in single-user mode     
     
      For Example:     
      => reset         
          BootROM version: 1.0.48         
          Copyright (C) 2011 Brocade Communication.
   

   

      CPU0: P4080E, Version: 2.0, (0x82080020)         
               (output truncated)
     
     
      10. Enter the mount command with the following parameters to remount the root partition as read/write capable.     
     
      For Example:     
      sh-2.04# mount -vo remount,rw,noatime /   

   

      /dev/root on / type ext4 (rw,noatime)     
     
      11. Mount the secondary partition.     
      Examine the output of the printenv command in Step 7, to check which partition the root points to in the boot arguments (bootargs = root setting). If the root partition is sda2, then use sda1 in this command. If the root partition is sda1, then use sda2.   

   

      For Example:     
      sh-2.04# mount /dev/sda2 /mnt     
     
     
      12. Enter the passwddefault command to reset the root password to the factory default value or the /sbin/passwddefault -f (to reset the root password and forcefully enable the root account).     
     
      For Example:     
      sh-2.04# /sbin/passwddefault -f       
       
        --------------------------------------------------------------------------------------------------------------------------------------------------------       
        NOTE
     
      For Network OS, the passwddefault -f command restores the passwords of factory default accounts to their default values, removes non-default user accounts that are present, and enables the root account (if it is disabled). Error messages seen during the execution of that command (applicable to Network OS 3.0.0) should be ignored.     
      --------------------------------------------------------------------------------------------------------------------------------------------------------       
       
        In a dual management-module (MM) chassis, enter the passwddefault command on the standby MM for password recovery.       
        13. Reset the boot arguments by removing the "S".
     
     
      For Example:     
      sh-2.04# bootenv bootargs "root=/dev/sda1 rootfstype=ext4 quiet"     
     
      14. Reboot the switch by using thpartman -r command.     
      For Example:     
      sh-2.04# partman -r     
     
      15. Log in to the switch by using the serial interface or Telnet. Use the factory default accounts (root/admin/user).     
      16. Start the Network OS command line.     
     
      For Example:     
      switch:root> noscli     
     
      SECURITY WARNING: The default password for at least one default account (root, admin and user) have not been changed.   

   

      Welcome to the Brocade Network Operating System Software admin connected from 127.0.0.1 using console on switch.     
     
      17. Enter global configuration mode.     
     
      For Example:     
      switch# configure terminal         
               Entering configuration mode terminal          
          switch(config)#
     
     
      18. Use the following syntax of the username command to reset passwords for the admin or user accounts, or for any other non-default users. switch(config)# username account-name password new-password     
     
      The following example resets the admin password to the default value of "password."     
     
      For Example:     
      switch(config)# username admin password password     
     
      19. To restore the non-default user accounts, perform the following steps:     
     
      a. Copy the running-config to a file.     
     
      For Example:     
      switch# copy running-config flash://running-config.cfg       
        2012/07/09-11:51:21, [DCM-1108], 4930, M2, INFO, VDX8770-4, Running configuration file has been uploaded successfully to the remote location.
     
     
      b. Copy the default-config to the startup-config, to reset the startup-config.     
     
      For Example:     
      switch# copy default-config startup-config     
     
      c. Reboot the switch.     
      For Example:     
      switch# reload     
      Warning: Unsaved configuration will be lost. Please run ’copy running-config startup-config’ to save the current configuration if not done already.     
     
      Are you sure you want to reload the switch? [y/n]:y     
      The system is going down for reload NOW !!     
     
      d. Copy the file saved in Step 19a to the running-config.     
      For Example:     
      switch# copy flash://running-config.cfg running-config     
      Loading.         
          2012/07/09-12:08:13, [DCM-1105], 5456, M2, INFO, VDX8770-4,
Copy of the downloaded config file to the current running-config has completed successfully on this node.     
     
      e. Copy the running-config to the startup-config.     
      For Example:     
      switch# copy running-config startup-config   

   

     
      The password recovery procedure is now complete.     
      You can now use normal password-management procedures from the admin account.