NetScaler

Resetting the default administrator password

The administrator account provides complete access to all ADC features. Therefore, to preserve security, the administrator account must be used only if necessary and if you require full access to know the password for the administrator account. It is recommended that you frequently change your password. If you lose the password, you must reset it to the default and then change it to a new one.

To reset your password, you must log on to your appliance and change the password. However, if you do not remember the password, you can reboot appliance in single user mode, mount the file system in read/write mode and then remove the Citrix ADC nsroot entry from the ns.conf file. As a final step, reboot and log onto your appliance with the default password and set a new password.

To reset the administrator password

  1. Connect a computer to the console port of the NetScaler and log on.

    Note

    You cannot log on by using SSH to perform this procedure; you must connect directly to the appliance.

  2. Reboot the NetScaler.

  3. Press CTRL+C when the following message appears:

    Press [Ctrl-C] for command prompt, or any other key to boot immediately.

    Booting [kernel] in # seconds.

  4. Run the following command to start the NetScaler in a single user mode:

    boot -s

    Note If boot -s does not work, then try reboot -- -s and appliance reboot in single user mode.

    After the appliance boots, it displays the following message:

    Enter full path name of shell or RETURN for /bin/sh:

  5. Press ENTER key to display the # prompt, and type the following commands to mount the file systems:

    1. Run the following command to check the disk consistency:

      fsck_ufs /dev/ad0s1a

      Note:

      Your flash drive has a specific device name depending on your Citrix ADC; hence, you have to replace ad0s1a in the preceding command with the appropriate device name.

    2. You must access the dev directory and enter ‘ls’ to check the drive details.

    3. Run the following command to display the mounted partitions:

      df

      If the flash partition is not listed, you must mount it manually.

    4. Run the following command to mount the flash drive:

      mount/dev/ad0s1a /flash

  6. Run the following command to change to the nsconfig directory:

    cd/flash/nsconfig

  7. Run the following commands to rewrite the ns.conf file and remove the set of system commands defaulting to the administrator user:

    1. Run the following command to create a configuration file that does not have commands defaulting to the administrator:

      grep –v “set system user nsroot” ns.conf \> new.conf

    2. Run the following command to make a backup of the existing configuration file:

      mv ns.conf old.ns.conf

    3. Run the following command to rename the new.conf file to ns.conf:

      mv new.conf ns.conf

  8. Run the following command to reboot the NetScaler:

    reboot

  9. Log on using the default nsroot user credentials.

  10. Run the following command to reset the password:

    set system user nsroot <New_Password>

    Note:

    To use the “?” character in a password string, precede this character with the “\” character.

    For example, yourexamplepasswd\? is set for the administrator account after you perform the following operation:

    > set system user nsroot yourexamplepasswd\?

Resetting the default administrator password