cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Password Recovery for AAA in AOS

Password Recovery for AAA in AOS

Due to the security of the authentication, authorization, and accounting (AAA) feature, you are not able to perform the standard password recovery procedure on an ADTRAN Operating System (AOS) unit, until AAA is disabled.   This guide will aid in recovering a password on an AOS device that has AAA configured, by providing the necessary steps to disable AAA, to prepare the unit for the standard password recovery in AOS.


Deployment Concerns and Considerations

Steps to Disable AAA and Recover the Password using the Console Port

Deployment Concerns and Considerations

  • The AOS device will need to be taken offline and rebooted multiple times; therefore, a maintenance window is recommend to perform these tasks.
  • To recover a password, the changes will have to be made through the Console port using the command line interface (CLI) of the AOS unit (this procedure cannot be performed remotely over Telnet, SSH, or the web interface). Here is a guide about how to access the CLI:  Accessing the Command Line Interface in AOS


Steps to Disable AAA and Recover the Password using the Console Port


  • Reboot the unit by removing power.
    • As the unit boots, you will be given the opportunity to break into bootstrap mode by pressing the ESC key within 5 seconds.

Executing bootstrap...


ram: 268435456 bytes of RAM detected.


Serial Number: LBADTNXXXXXXXXX


Bootstrap version: 11.03.00, checksum: 0F3C, Thu Feb 09 17:40:34 2009


vfs: NONVOL: 120 tracks, 128 sectors/track, 1024 bytes/sector.


eth0/1: initializing...


eth0/1: MAC address is 00:A0:C8:XX:XX:XX


bootstrap: Checking boot configuration...


bootstrap: Primary image is 'NONVOL:/NV5305A-18-01-05-E.biz'.


bootstrap: User escaped to command line interface.


cli: starting command line interface...


cli: starting user interface




Press '?' for help.


















  • While in the bootstrap mode, issue the following commands:

bootstrap#bypass startup-config


bootstrap#boot


















  • The unit will boot up without a running-config.  At this point, you will need to get into Priveleged Exec mode and then view the startup-configuration file with the following commands (Note: this command varies depending if the unit has CFlash.  Both commands are listed below.😞

>enable


#show file startup-config


or


#show file flash startup-config


















  • Copy the entire contents of this output to a text editor (such as Notepad)
  • Remove the line that enables AAA (aaa on) from the text file
  • Enter Global configuration mode by issuing the configure terminal command

#configure terminal

















  • Paste the entire contents of the file you previously edited
  • After the file has been pasted, exit Global configuration, by issuing the exit command

(config)#exit

















  • Save the configuration (which now has AAA disabled) with the write command

#write

















Labels (1)
Version history
Revision #:
1 of 1
Last update:
‎05-05-2014 01:30 PM
Updated by:
Anonymous
 
Contributors