Upcoming Maintenance Alert:

The UBNT Community will be upgraded at 5pm MDT on April 25th. During this time the community forums will be set to read-only status.

Learn more

×
Reply
Regular Member
Posts: 379
Registered: ‎09-23-2015
Kudos: 121
Accepted Solution

Controller not letting me change admin password

I backed up my contoller config from a previous server and restored it on a new one.  Now my new controller is not letting me change the password of my admin username. It just says "An Error Occurred."

 

 

Ideas?

UBNT Products: ERPoe-5, ERLite-3, USG-3, UAP-AC-PRO, UAP-PRO, NSM5
942.22 Mbps down / 926.27 Mbps up (http://result.googlefiber.net/share/316298352.png)
My Blog: http://www.stevejenkins.com/

Accepted Solutions
Ubiquiti Employee
Posts: 6,451
Registered: ‎01-28-2013
Kudos: 6238
Solutions: 563
Contributions: 20

Re: Controller not letting me change admin password


sjjenkins wrote:

I backed up my contoller config from a previous server and restored it on a new one.  Now my new controller is not letting me change the password of my admin username. It just says "An Error Occurred."

 

 

Ideas?


You can inject a user or overwrite the existing password. I've put 4.8.15 back on the site, which was the version prior to 4.8.18. I've also opened a ticket for the password change issue. Here is a general guide to change the password, written by @Steltek, although you can use it for what you're doing (you just don't need to perform all steps). 

 

It's more involved to inject a super user, but it is possible. Steps are not listed here.. 

 

Cheers,

Mike

 

Password reset procedure for Linux:

 

1. Find out your username.

 

If you don't know it any more and it's not 'admin', run this command to get all Admin users on the controller:

 

mongo --port 27117 ace --eval "db.admin.find().forEach(printjson);"

 

You should get a result like this:

 

MongoDB shell version: 2.4.10
connecting to: 127.0.0.1:27117/ace
{
"_id" : ObjectId("56e178af97f2d0511ce3abea"),
"email" : "admin@admin",
"last_site_name" : "default",
"name" : "admin",
"time_created" : NumberLong(1457617071),
"x_shadow" : "$6$O6Uuq5Vww6zNxd$06bwBj5v4e0omEZ97qRbiaZbOi75o.r5M4ympQYmY5FP8C.0QGenCIkymiK/YkWoDDfw1YcS42LYSFvPHgP7U0"
}

Note the "name" field above. It contains the username ("admin" in this example).

 

2. Generate a new password.

 

 

Run this command to get a new salted hash:

 

mkpasswd -m sha-512
Password: <enter your new password>
$6$9Ter1EZ9$lSt6/tkoPguHqsDK0mXmUsZ1WE2qCM4m9AQ.x9/eVNJxws.hAxt2Pe8oA9TFB7LPBgzaHBcAfKFoLpRQlpBiX1

The long $6$9Ter... string is your new salted password hash. (The example above uses 'password', so if you just want to reset your account to 'password', you can copy/paste it directly from the example.)

 

3. Update the salted hash in the database.

 

Run this command to update the salted hash that's stored in the database (replace the respective values with the ones you determined above):

 

mongo --port 27117 ace --eval 'db.admin.update( { "name" : "admin" }, { $set : { "x_shadow" : "$6$9Ter1EZ9$lSt6/tkoPguHqsDK0mXmUsZ1WE2qCM4m9AQ.x9/eVNJxws.hAxt2Pe8oA9TFB7LPBgzaHBcAfKFoLpRQlpBiX1" } } )'

(Note: If your username is 'admin' and you just want to set the password to 'password', you can simply copy/paste the above command and run it to do so.)

 

You're done! You can now log in with the new password that you set. 

UBNT_Alternate_Logo.png

View solution in original post


All Replies
Member
Posts: 128
Registered: ‎08-10-2012
Kudos: 76
Solutions: 10

Re: Controller not letting me change admin password

Are they the same controller versions? The latest release introduced password hashing, so it wouldn't surprise me if you need to import your backup into an older version (same version it was created on ideally) and upgrade to successfully upgrade the db.

Regular Member
Posts: 379
Registered: ‎09-23-2015
Kudos: 121

Re: Controller not letting me change admin password

I bet that's it. I backed up from an older version and restored into a newer one... assuming (incorrectly, it seems) that the upgrade would occur on import.

 

It gets worse... I uninstalled the old controller once the new one was up and running.

 

Any other ideas to fix?

UBNT Products: ERPoe-5, ERLite-3, USG-3, UAP-AC-PRO, UAP-PRO, NSM5
942.22 Mbps down / 926.27 Mbps up (http://result.googlefiber.net/share/316298352.png)
My Blog: http://www.stevejenkins.com/
Regular Member
Posts: 379
Registered: ‎09-23-2015
Kudos: 121

Re: Controller not letting me change admin password

Derp... but I do still have the backup. Man Happy

 

So can I install the older version of the DB on my laptop (Mac), then upgrade the controller software on the mac, then re-save the backup, then re-import the backup on my web hosted controller?

UBNT Products: ERPoe-5, ERLite-3, USG-3, UAP-AC-PRO, UAP-PRO, NSM5
942.22 Mbps down / 926.27 Mbps up (http://result.googlefiber.net/share/316298352.png)
My Blog: http://www.stevejenkins.com/
Regular Member
Posts: 379
Registered: ‎09-23-2015
Kudos: 121

Re: Controller not letting me change admin password

And... UniFi 4.7.6 for Mac is 404-ing on the UBNT site. Man Sad

 

And Google isn't helping.

 

Anyone got an alternative DL link?

 

 

UBNT Products: ERPoe-5, ERLite-3, USG-3, UAP-AC-PRO, UAP-PRO, NSM5
942.22 Mbps down / 926.27 Mbps up (http://result.googlefiber.net/share/316298352.png)
My Blog: http://www.stevejenkins.com/
New Member
Posts: 57
Registered: ‎02-26-2013
Kudos: 126

Re: Controller not letting me change admin password

@esseph my Google fu is lacking tonight. Any ideas for a link?
mac_spitwspots
SuperUser
Posts: 21,560
Registered: ‎11-20-2011
Kudos: 7580
Solutions: 229

Re: Controller not letting me change admin password

theres a way to add a new user by directly interacting with the db via cli. on my phone and havent had my coffee yet, but once im out and about ill try and dig up a link


isp builder | linux sorcerer | datacenter automation conjurer | paid consultation available
Member
Posts: 169
Registered: ‎12-10-2014
Kudos: 57
Solutions: 6

Re: Controller not letting me change admin password

@UBNT-MikeD can probably supply you with the version you need

Regular Member
Posts: 379
Registered: ‎09-23-2015
Kudos: 121

Re: Controller not letting me change admin password


esseph wrote:
theres a way to add a new user by directly interacting with the db via cli. on my phone and havent had my coffee yet, but once im out and about ill try and dig up a link

That would be awesome. I prefer cli tools when available. Man Happy

UBNT Products: ERPoe-5, ERLite-3, USG-3, UAP-AC-PRO, UAP-PRO, NSM5
942.22 Mbps down / 926.27 Mbps up (http://result.googlefiber.net/share/316298352.png)
My Blog: http://www.stevejenkins.com/
Ubiquiti Employee
Posts: 6,451
Registered: ‎01-28-2013
Kudos: 6238
Solutions: 563
Contributions: 20

Re: Controller not letting me change admin password


sjjenkins wrote:

I backed up my contoller config from a previous server and restored it on a new one.  Now my new controller is not letting me change the password of my admin username. It just says "An Error Occurred."

 

 

Ideas?


You can inject a user or overwrite the existing password. I've put 4.8.15 back on the site, which was the version prior to 4.8.18. I've also opened a ticket for the password change issue. Here is a general guide to change the password, written by @Steltek, although you can use it for what you're doing (you just don't need to perform all steps). 

 

It's more involved to inject a super user, but it is possible. Steps are not listed here.. 

 

Cheers,

Mike

 

Password reset procedure for Linux:

 

1. Find out your username.

 

If you don't know it any more and it's not 'admin', run this command to get all Admin users on the controller:

 

mongo --port 27117 ace --eval "db.admin.find().forEach(printjson);"

 

You should get a result like this:

 

MongoDB shell version: 2.4.10
connecting to: 127.0.0.1:27117/ace
{
"_id" : ObjectId("56e178af97f2d0511ce3abea"),
"email" : "admin@admin",
"last_site_name" : "default",
"name" : "admin",
"time_created" : NumberLong(1457617071),
"x_shadow" : "$6$O6Uuq5Vww6zNxd$06bwBj5v4e0omEZ97qRbiaZbOi75o.r5M4ympQYmY5FP8C.0QGenCIkymiK/YkWoDDfw1YcS42LYSFvPHgP7U0"
}

Note the "name" field above. It contains the username ("admin" in this example).

 

2. Generate a new password.

 

 

Run this command to get a new salted hash:

 

mkpasswd -m sha-512
Password: <enter your new password>
$6$9Ter1EZ9$lSt6/tkoPguHqsDK0mXmUsZ1WE2qCM4m9AQ.x9/eVNJxws.hAxt2Pe8oA9TFB7LPBgzaHBcAfKFoLpRQlpBiX1

The long $6$9Ter... string is your new salted password hash. (The example above uses 'password', so if you just want to reset your account to 'password', you can copy/paste it directly from the example.)

 

3. Update the salted hash in the database.

 

Run this command to update the salted hash that's stored in the database (replace the respective values with the ones you determined above):

 

mongo --port 27117 ace --eval 'db.admin.update( { "name" : "admin" }, { $set : { "x_shadow" : "$6$9Ter1EZ9$lSt6/tkoPguHqsDK0mXmUsZ1WE2qCM4m9AQ.x9/eVNJxws.hAxt2Pe8oA9TFB7LPBgzaHBcAfKFoLpRQlpBiX1" } } )'

(Note: If your username is 'admin' and you just want to set the password to 'password', you can simply copy/paste the above command and run it to do so.)

 

You're done! You can now log in with the new password that you set. 

UBNT_Alternate_Logo.png
Regular Member
Posts: 379
Registered: ‎09-23-2015
Kudos: 121

Re: Controller not letting me change admin password

[ Edited ]

BOOM! That worked, @UBNT-MikeD. Thanks!

 

MongoDB shell version: 2.6.1
connecting to: 127.0.0.1:27117/ace
WriteResult({ "nMatched" : 1, "nUpserted" : 0, "nModified" : 1 })

 FYI - mkpasswd doesn't exist on CentOS (I'm running EL6), so I used grub-crypt to generate the salted hash instead.

UBNT Products: ERPoe-5, ERLite-3, USG-3, UAP-AC-PRO, UAP-PRO, NSM5
942.22 Mbps down / 926.27 Mbps up (http://result.googlefiber.net/share/316298352.png)
My Blog: http://www.stevejenkins.com/
Regular Member
Posts: 379
Registered: ‎09-23-2015
Kudos: 121

Re: Controller not letting me change admin password

Apparently there are also ways with Perl and Python to get a salted hash, but I found grub-crypt much easier.

 

http://unix.stackexchange.com/questions/52108/how-to-create-sha512-password-hashes-on-command-line

UBNT Products: ERPoe-5, ERLite-3, USG-3, UAP-AC-PRO, UAP-PRO, NSM5
942.22 Mbps down / 926.27 Mbps up (http://result.googlefiber.net/share/316298352.png)
My Blog: http://www.stevejenkins.com/
Ubiquiti Employee
Posts: 6,451
Registered: ‎01-28-2013
Kudos: 6238
Solutions: 563
Contributions: 20

Re: Controller not letting me change admin password

You're welcome @sjjenkins!

 

Yeah, I should've mentioned there are other ways, thanks for listing them!

 

Cheers,

Mike

UBNT_Alternate_Logo.png
New Member
Posts: 8
Registered: ‎04-22-2015

Re: Controller not letting me change admin password

And for those of us on Windows? I need to fix this quickly.

New Member
Posts: 8
Registered: ‎04-22-2015

Re: Controller not letting me change admin password

Note: I did update to 4.8.18 from 4.8.15, made a backup and then installed 4.8.18 on new Windows server. After restoring the backup I am currently unable to change the admin password...

Regular Member
Posts: 379
Registered: ‎09-23-2015
Kudos: 121

Re: Controller not letting me change admin password

[ Edited ]

@jstump:

 

1) Go here: https://quickhash.com/

 

2) Select "SHA-512 / crypt(3) / $6$" as the Algorithm

 

3) Put the desired password as your Input Data (this example uses "password")

 

4) Use "9Ter1EZ9$lSt6" as the Salt.

 

5) Hit "Generate (Over Secure Connection)"

 

Doing this with the above inputs yields:

 

 

$6$9Ter1EZ9$lSt6/tkoPguHqsDK0mXmUsZ1WE2qCM4m9AQ.x9/eVNJxws.hAxt2Pe8oA9TFB7LPBgzaHBcAfKFoLpRQlpBiX1

Which is identical to what would generate with the command line tools.

 

@UBNT-MikeD: This might be a good bookmark to keep handy. Man Happy

 

UBNT Products: ERPoe-5, ERLite-3, USG-3, UAP-AC-PRO, UAP-PRO, NSM5
942.22 Mbps down / 926.27 Mbps up (http://result.googlefiber.net/share/316298352.png)
My Blog: http://www.stevejenkins.com/
New Member
Posts: 8
Registered: ‎04-22-2015

Re: Controller not letting me change admin password

@sjjenkins @UBNT-MikeD

 

very useful! thanks man.

 

Anyone know how to get to the mongo shell on Windows? I only can seem to find the daemon..

Highlighted
Regular Member
Posts: 379
Registered: ‎09-23-2015
Kudos: 121

Re: Controller not letting me change admin password

@jstump If it's not already installed, you may just have to install it:

 

https://docs.mongodb.com/getting-started/shell/client/

UBNT Products: ERPoe-5, ERLite-3, USG-3, UAP-AC-PRO, UAP-PRO, NSM5
942.22 Mbps down / 926.27 Mbps up (http://result.googlefiber.net/share/316298352.png)
My Blog: http://www.stevejenkins.com/
Ubiquiti Employee
Posts: 6,451
Registered: ‎01-28-2013
Kudos: 6238
Solutions: 563
Contributions: 20

Re: Controller not letting me change admin password

@jstump you can get it from mongoDB.com. Go to downloads, choose previous releases along the right, and then choose the oldest (2.4.14 at the time of writing this). Download the zip file, extract it and you'll find mongo.exe in the bin folder.

 

@sjjenkins Thanks for the link, etc!

 

Cheers,

Mike

UBNT_Alternate_Logo.png
New Member
Posts: 8
Registered: ‎04-22-2015

Re: Controller not letting me change admin password

[ Edited ]

@UBNT-MikeD grabbed that exe as suggested, but getting a SyntaxError: Unexpected token ILLEGAL when trying to cut and paste your code.

 

OK, for some reason that code wouldn't work, but I was able to connect to the db through the shell and just run the db.admin.update command that way. Thanks!

Reply