IBM Support

"admin" password lost or forgotten, or you are unable to access SSH / WebGui on a IBM DataPower Gateway Appliance



What are the steps to follow when the "admin" password is lost or forgotten? What are the steps when you are unable to access the IBM DataPower Gateway Appliances by using the SSH, Serial console or the WebGUI

Resolving The Problem

This document is kept current to provide you with the latest information. You can monitor for updates to this document by subscribing to My Notifications.


Part 1. Critical Information

  • IMPORTANT: It is recommended to create a privileged level user ID as a backup for the "admin" user ID.
    This user would allow you to reset the "admin" user's password if the password is lost or forgotten, or in case the "admin" ID is locked out by the lockout feature (if configured)

  • Copy and Pasting of passwords is not recommended as it could result in unpredictable passwords.
    Example: If using copy and paste to enter the password, you might pick up non-printing characters in the copy.
  • Check your keyboard for Caps and Num Lock and enter the password manually.

Part 2. Recovering the "admin" ID's password

Review the following to whether you can reset the admin ID's password, or if there is another problem.
  1. Check to see whether a privileged account user that can log in was created and if not here is how to create one with the correct permissions.
    Note: If one was not created, you might not be able to create a user depending on the permissions for the user you are logged in with.

    This user would be able to change the password for the "admin" user.
    To reset the administrator account password, your access level must be "privileged" or "group-defined" with the following access policy:

    Change the password from the WebGUI at Administration > Access > Manage User accounts.

    From the CLI
    Run these commands. NOTE: "adminTWO" is for example only, for security, use a unique name for your backup admin ID:
    Idg# config
    Idg(config)# user adminTWO
    New User configuration
    Idg(config user adminTWO)# reset
    Idg(config user adminTWO)# password
    Enter new password: ********* (Note: use a temporary password as you will be prompted to change the password on the first login)
    Reenter new password: *********
    Idg(config user adminTWO)# access-level privileged
    Idg(config user adminTWO)# summary '<note to identify the backup user>'
    Idg(config user adminTWO)# exit
    Idg(config)#write memory
  2. Connect to the serial console by using the IBM serial cable supplied with the appliance.
    See this link for details on connecting to the appliance serial console
    Try to log on to the serial connection.
    If you have issues with the serial connection on the affected appliance:
    Try to connect to another appliance where you know the admin or other logon, and make sure you can log on with that connection to verify the connection settings and cable are correct.
  3. Did you perform a "boot switch" or firmware rollback?
    A firmware rollback or boot switch, restores both the firmware and the configuration to what it was at the time of the last upgrade.
    For example, if you are at firmware 2018.4.1.6 with an admin password of "password1" and you upgrade to2018.4.1.12 and change the admin password to "password2", then if you do a "rollback" to 2018.4.1.6 you would need to use "password1" to access the appliance.
  4. Was the appliance restored by using a "secure backup/restore"?
    If so the admin password is reset to the default of admin. This is intentional to avoid the case of not remembering the password that was set when the secure backup was taken.
  5. Can you log in to the SSH or Serial console with the ADMIN ID, but not with the WebGUI?
    If so see this link for resetting the connection after an upgrade
  6. Was the admin password lost during the initial configuration of the appliance?
    Shutdown and power off the appliance then unplug electrical power connections. Wait 5 minutes. Reconnect the electrical power connections, and power on the appliance and try the password again.
  7. Otherwise IBM support can arrange to have a local IBM engineer come on site to "re-flash" the appliance to factory settings.
    Note if this is a virtual appliance you would deploy a new instance.
  8. See this link for opening a case with support
    a) All configuration is lost with the reflash.
    b) Any optional licenses (such as Integration module, AO or Tibco) will need to be activated on the appliance and the support team will provide a special build for the appliance to add the "base" licenses as well as any optional licenses.
    c) You will need to perform the initial configuration from the serial console to bring the appliance online and accept the licenses in the WebGUI.
    d) The appliance may be loaded with an older firmware with the reflash and require an interim firmware upgrade to apply the license build then you can upgrade to your final firmware level.

    For information on how the appliances are supported see the Appliance Support Guide

[{"Line of Business":{"code":"LOB15","label":"Integration"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSHPHA","label":"IBM DataPower Gateway"},"ARM Category":[{"code":"a8m0z000000cxAnAAI","label":"DataPower->Gateway Hardware (HW)->Fixed with no parts sent->9007 8441->default admin password not working"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"},{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSYMVY","label":"IBM DataPower Gateway X2"},"ARM Category":[{"code":"a8m0z000000cxAnAAI","label":"DataPower->Gateway Hardware (HW)->Fixed with no parts sent->9007 8441->default admin password not working"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]

Document Information

Modified date:
09 September 2021