Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
kenle311
New Contributor

Delete default admin account

Hi,

 

Is it possible to delete default "admin" in fortianalyzer 1000C running 5.0 GA patch 3?

 

thanks

8 REPLIES 8
emnoc
Esteemed Contributor III

Try  creating a new administrator account with the same  profile  and then login in and delete the "admin". You will need the same  access profile acount and have to delete any active sessions for that "admin" so logout of the admin account b4 you try to delete it.

 

Ken

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
MikePruett
Valued Contributor

Create a super admin account.

Log in with said account

Rename the default admin account to admin_old

Delete old admin account

Mike Pruett Fortinet GURU | Fortinet Training Videos
kenle311

I cannot rename the admin account by using GUI or CLI (no command to do that), running v5.0 (GA patch 3). 

 

Delete the admin account from GUI and CLI returned error, i logged in my own account using same access profile:

diagnose system admin-session list does not show admin session

 

http://imgur.com/a/9hcbn

 

Thank you

 

 

 

abelio
Valued Contributor

Textually from CLI guide:

 

"Unlike other administrative accounts whos Access profile is super_admin_prof and Domain is System, the admin administrator account exists by default and cannot be deleted.."

 

 

regards




/ Abel

regards / Abel
MikePruett
Valued Contributor

rename the admin account to admin_old or something like that and it will let you remove it. I do it on 5.2 code all the time. Will verifiy 5.0 and 5.4 still allow it.

Mike Pruett Fortinet GURU | Fortinet Training Videos
scao_FTNT
Staff
Staff

for FMG and FAZ, delete default admin is supported from 5.4

so create a new super_user admin to login and then you can delete that default admin

just make sure there is no session to that default admin "diagnose system admin-session list" otherwise delete will fail

Thanks

Simon

abelio
Valued Contributor

My apologies.

  I did understand "FortiMail" not FAZ/FMG; 

 

regards




/ Abel

regards / Abel
MikePruett
Valued Contributor

well crud....I've been reading this from a FortiGate stand point. My apologies. I should pay attention to the dang forum titles more!

Mike Pruett Fortinet GURU | Fortinet Training Videos
Labels
Top Kudoed Authors