You are locked out of AppDefense Appliance that has admin privileges.

Cause

You see error message related to password expiration on the Appliance UI for the following reasons:

  • Your password is expiring in X number of days. You see the message 10 days before the password expires.
  • Authentication fails for some reason. Password may or may not have expired but you cannot log in.
  • Password has already expired.
  • You entered incorrect password for three times.

Solution

  1. Log in to the AppDefense Appliance from vCenter Server using the root credentials.
  2. Verify if the admin account is locked using the pam_tally2 -u admin command.
  3. If the admin account is locked, then use the following command to unlock.
    pam_tally2 -r -u admin
  4. To change the admin user password.
    1. SSH to the AppDefense Appliance using the admin credentials.
      For example, SSH admin@<Appliance_IP_Address>.
    2. Use the passwd admin command.
    3. Enter the current password and then the password that you want, and note it for future reference.
      Note: Do not use last five passwords. Password must have at least eight characters. Enter a password that meets with the basic complexity, as at least one number, one lower case letter, one upper case letter and one special character.
    4. Re-enter the admin password.
      AppDefense Appliance admin user password is changed.
  5. To reset password after the AppDefense Appliance password has expired. The appliance password automatically expires after 90 days.
    1. SSH to the AppDefense Appliance using the admin credentials.
    2. When prompted for a password, enter the admin password that you want, and note it for future reference.
      Note: Do not use last five passwords. Password must have at least eight characters. Enter a password that meets with the basic complexity, as at least one number, one lower case letter, one upper case letter and one special character.
    3. Re-enter the admin password.
      The password is changed successfully.
    4. SSH to the AppDefense Appliance again to verify that the password change is successful.
    5. Now log in to AppDefense Appliance UI with admin user and changed password.
  6. To reset the root password.
    Note: By default, SSH access for root user is disabled on the AppDefense Appliance for the security reasons.
    1. SSH to the AppDefense Appliance using the admin credentials.
    2. Reset the password using the following commands.
      sudo su
      passwd root
    3. Enter the current password and then the password that you want, and note it for future reference.
      AppDefense Appliance root user password is changed.