Summary
This document contains information about recovering the password of the NetScaler appliance.
Recovering the Password for a NetScaler Appliance
At times, you might need to recover the password for a NetScaler appliance if the user of the appliance has forgotten the same. To recover the password for the NetScaler appliance, complete the following procedure:
Note: Refer to the transcript in the More Information section for the complete list of the various commands run on the appliance and the respective output.
- Attach a console cable to the Serial Console (9600 baud, 8 bits, 1 stop bit, No parity) of the NetScaler appliance.
- Restart the NetScaler appliance.
- Press any of the following keys, as prompted:
Press Spacebar when the following message is displayed:
Hit [Enter] to boot immediately, or any other key for command prompt Booting [kernel] in 10 seconds Press Ctrl and C keys simultaneously when the following message is displayed: Press [Ctrl-C] for command prompt, or any other key to boot immediately. Booting [kernel] in 2 seconds...
- To start the appliance kernel on a single user mode, enter the following command:
boot –s
Note: If boot -s does not work, then try reboot -- -s and appliance will reboot in single user mode.
- Press Enter when the following message is displayed:
Enter full pathname of shell or RETURN for /bin/sh:
Note: Notice that the prompt of the appliance changes to \u@\h\$.
- Run the following command to check the disk consistency:
\u@\h\$ /sbin/fsck /dev/ad0s1a
Note: Refer to the Knowledge Center article CTX121853 – Device Names Assigned to Hard Disk in Various Models of the Citrix NetScaler Appliance to verify the device name assigned to the hard disk of the appliance model and replace ad0s1a in the preceding command with the appropriate device name.
- Run the following command to display the mounted partitions:
df
- Run the following command to mount the flash drive:
\u@\h\$ /sbin/mount /dev/ad0s1a /flash
If the preceding command fails to mount the flash drive, then run the following command to create the flash directory and then run the preceding command again to mount the drive:
\u@\h\$ mkdir /flash
- Run the following command to change to the nsconfig directory:
\u@\h\$ cd /flash/nsconfig
- Run the following set of commands to rewrite the ns.conf file and remove the set of system commands defaulting to the nsroot user:
a. Run the following command to create a new configuration file that does not have commands defaulting to the nsroot user:
\u@\h\$ grep –v “set system user nsroot” ns.conf > new.conf
b. Run a command similar to the following command to make a backup of the existing configuration file:
\u@\h\$ mv ns.conf old.ns.conf
c. Run the following command to rename the new.conf file to ns.conf:
\u@\h\$ mv new.conf ns.conf - Run the following command to restart the appliance:
reboot
- Log in to the appliance by using the default nsroot user credentials.
- Run the following command to reset the nsroot user password of your choice:
> set system user nsroot
The following is a transcript of the complete procedure to recover the password of the NetScaler appliance:
Console: serial port
BIOS drive C: is disk0
BIOS drive D: is disk1
BIOS 637kB/1046500kB available memory
FreeBSD/i386 bootstrap loader, Revision 0.8
(murray@builder.FreeBSD.org, Tue Sep 18 10:05:43 PDT 2001)
Loading /boot/defaults/loader.conf
ns-6.1-86.1 text=0x4b6260 data=0x64908d0+0x5b50f4
Hit [Enter] to boot immediately, or any other key for command prompt.
Booting [kernel] in 2 seconds...
Type '?' for a list of commands, 'help' for more detailed help.
ok boot –s
Copyright (c) 1992-2003 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 4.9-NETSCALER-6.1 #0: Tue Dec 6 00:52:06 PST 2005
build@amber.netscaler.com:/usr/obj/usr/home/build/rs_61/usr.src/sys/NETSCALER
Calibrating clock(s) ...
Mounting root from ufs:/dev/md0c
da0 at ahc0 bus 0 target 0 lun 0
da0:
da0: Serial Number 3JA9380Z00007453SCPE
da0: 160.000MB/s transfers (80.000MHz, offset 63, 16bit), Tagged Queueing Enabled
da0: 35003MB (71687372 512 byte sectors: 255H 63S/T 4462C)
md0: invalid primary partition table: no magic
start_init: trying /sbin/init
Enter full pathname of shell or RETURN for /bin/sh:
\u@\h\$
\u@\h\$ /sbin/fsck /dev/ad0s1a
ad0s1: type 0xa5, start 32, end = 500735, size 500704 : OK
** /dev/ad0s1a
** Last Mounted on /flash
** Phase 1 - Check Blocks and Sizes
** Phase 2 - Check Pathnames
** Phase 3 - Check Connectivity
** Phase 4 - Check Reference Counts
** Phase 5 - Check Cyl groups
7594 files, 178477 used, 64114 free (7250 frags, 7108 blocks, 3.0% fragmentation)
***** FILE SYSTEM MARKED CLEAN *****
\u@\h\$ /sbin/mount /dev/ad0s1a /flash
ad0s1: type 0xa5, start 32, end = 500735, size 500704 : OK
\u@\h\$ cd /flash/nsconfig
\u@\h\$ df
Filesystem 1K-blocks Used Avail Capacity Mounted on
/dev/md0c 100750 86088 12648 87% /
/dev/ad0s1a 242591 178477 44707 80% /flash
\u@\h\$ grep -v "set system user nsroot" ns.conf > new.conf
\u@\h\$ mv ns.conf old.ns.conf
\u@\h\$ mv new.conf ns.conf
\u@\h\$ reboot
Waiting (max 60 seconds) for system process `vnlru' to stop...stopped
Waiting (max 60 seconds) for system process `bufdaemon' to stop...stopped
Waiting (max 60 seconds) for system process `syncer' to stop...stopped
syncing disks...
done
Uptime: 17m53s
Rebooting...
Hit [Enter] to boot immediately, or any other key for command prompt.
Booting [kernel] in 2 seconds...
Booting [kernel] in 1 second...
Booting [kernel]...
Feb 28 20:15:40 10.178.35.81 02/28/2006:20:15:35 GMT ns : EVENT STATECHANGE : Device "self node 10.178.35.81" - State UP
nssyslog nsvpnlog daemon
nsconmsg:Netscaler Syslog Daemon Starting....
nsconmsg:Netscaler Syslog Daemon Starting....
Displaying accesslogs information
Performance Data Record Version 2.0
Started
Feb 28 20:15:52 ns netscaler: self node 10.178.35.81: UP
login: nsroot
Password:
Last login: Tue Feb 28 13:33:47 from 10.153.38.125
Done
Post a Comment