Occasional Contributor
Posts: 11
Registered: ‎03-19-2007

Cloned users after factory reset

I have an IBM BladeCenter that contains two Brocade 4020 SAN switches running v6.2.0e.  I had to do a factory reset on one, via the Advanced Management Module, as I accidentally activated an ipfilter that locked everyone out of the switch.  The next time I logged into the switch, I noticed that all of the default user IDs had been partially "cloned".  Here's the output of that session:

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2009.11.24 12:18:08 =~=~=~=~=~=~=~=~=~=~=~=
login as: admin
admin@10.0.0.141's password: 

-----------------------------------------------------------------
DEV_Bay8:admin> userconfig --show -a

Account name: root
Description: root
Enabled: Yes
Password Last Change Date: Mon Nov 23 2009
Password Expiration Date: Not Applicable
Locked: No
Role: root
AD membership: 0-255
Home AD: 0

Account name: root0
Description: root
Enabled: Yes
Password Last Change Date: Unknown
Password Expiration Date: Not Applicable
Locked: No
Role: root
AD membership:
Home AD: 0

Account name: root1
Description: root
Enabled: Yes
Password Last Change Date: Unknown
Password Expiration Date: Not Applicable
Locked: No
Role: root
AD membership:
Home AD: 0

Type <CR> to continue, Q<CR> to stop: 

Account name: factory
Description: Diagnostics
Enabled: Yes
Password Last Change Date: Mon Nov 23 2009
Password Expiration Date: Not Applicable
Locked: No
Role: factory
AD membership: 0-255
Home AD: 0

Account name: factory0
Description: Diagnostics
Enabled: Yes
Password Last Change Date: Unknown
Password Expiration Date: Not Applicable
Locked: No
Role: factory
AD membership:
Home AD: 0

Account name: factory1
Description: Diagnostics
Enabled: Yes
Password Last Change Date: Unknown
Password Expiration Date: Not Applicable
Locked: No
Role: factory
AD membership:
Home AD: 0

Type <CR> to continue, Q<CR> to stop: 

Account name: admin
Description: Administrator
Enabled: Yes
Password Last Change Date: Mon Nov 23 2009
Password Expiration Date: Not Applicable
Locked: No
Role: admin
AD membership: 0-255
Home AD: 0

Account name: USERID0
Description: Administrator
Enabled: Yes
Password Last Change Date: Unknown
Password Expiration Date: Not Applicable
Locked: No
Role: admin
AD membership:
Home AD: 0

Account name: USERID1
Description: Administrator
Enabled: Yes
Password Last Change Date: Unknown
Password Expiration Date: Not Applicable
Locked: No
Role: admin
AD membership:
Home AD: 0

Type <CR> to continue, Q<CR> to stop: 

Account name: user
Description: User
Enabled: Yes
Password Last Change Date: Mon Nov 23 2009
Password Expiration Date: Not Applicable
Locked: No
Role: user
AD membership: 0
Home AD: 0

Account name: user0
Description: User
Enabled: Yes
Password Last Change Date: Unknown
Password Expiration Date: Not Applicable
Locked: No
Role: user
AD membership:
Home AD: 0

Account name: user1
Description: User
Enabled: Yes
Password Last Change Date: Unknown
Password Expiration Date: Not Applicable
Locked: No
Role: user
AD membership:
Home AD: 0
DEV_Bay8:admin> userconfig --change user1 -e no
Error in account database
DEV_Bay8:admin> userconfig --delete user1
Cannot delete the default account
DEV_Bay8:admin> logout

As you can see, I can't change or delete the "cloned" user accounts.  I'm a bit worried that if I try another factory reset or configdefault, things will only get worse.  Is there another way to clean out these users?

Occasional Contributor
Posts: 11
Registered: ‎03-19-2007

Re: Cloned users after factory reset

A follow-up: I did try using configdefault and the switch didn't spontaneously create more "cloned" IDs.  It also didn't get rid of the existing clones.

External Moderator
Posts: 4,778
Registered: ‎02-23-2004

Re: Cloned users after factory reset

aix,

Such problems are unknown to me and I have never seen this in the past. I think you need help from Brocade Support.

Not sure... but it seems to me like a bug.

TechHelp24
Occasional Contributor
Posts: 11
Registered: ‎03-19-2007

Re: Cloned users after factory reset

Another update:  I used the AMM to do a "factory reset" (again) and the cloned user IDs didn't disappear.  Fortunately they didn't multiply, either.

It appears that the AMM doesn't reset everything to the original settings or the Brocade reset routine doesn't work properly.  Is there a way to do a true "factory reset"?  I've been thinking about reflashing the same level of firmware onto the switch, but I'm pretty sure it won't work.

N/A
Posts: 1
Registered: ‎12-17-2008

Re: Cloned users after factory reset

I'm having the same issue with similar results. I've also tried resetting to factory defaults. I did set "Preserve new IP configuration on all resets" to enabled on the bladecenter chassis AMM.

I haven't had any success logging in as these "cloned" users and I can't even run a userconfig --show without getting an "Error in account database". So I guess they aren't so much a security issue, I hope.

I'm not sure what the factory reset from the AMM does except reset the passwords. I had my 4G SAN switch in access gateway mode to begin with and it is still in access gateway mode after the reset.

I'll update this post if I figure anything more out.

New Contributor
Posts: 2
Registered: ‎12-06-2010

Re: Cloned users after factory reset

I too am having a similar issue. After updating the mcode to v6.4.1a the switch "hung" and had to be manually rebooted. After the switch became available again, I now have multiple cloned accounts, i.e. admin, admin0, admin1, and also for all of the other accounts: factory, root, user, etc. I cannot find any "bug" listings regarding this behaviour. Also, like the other posters, I have tried to remove the extra accounts only to be denied permission. Hope there's an answer out there.

Occasional Contributor
Posts: 11
Registered: ‎03-19-2007

Re: Cloned users after factory reset - FIXED!

All,

My apologies for not answering in a timely manner.  I (and IBM) still don't know WHY doing a factory reset on a Brocade switch via an Advanced Management Module causes cloned IDs to be created.  I have found a way to get rid of the cloned IDs.  NOTE: This procedure REQUIRES you to log in as the root user on the Brocade switch.  I recommend doing a "supportsave" and "configupload" so that you have a known good configuration that can be restored if something goes wrong.

There are three files that you'll need to make changes to: /etc/passwd, /etc/shadow and /etc/shadow.default.  NOTE: You need to log in as root and execute the commands at the command line!

First we'll back up the files:

cp /etc/passwd /etc/passwd.orig

cp /etc/shadow /etc/shadow.orig

cp /etc/shadow.default /etc/shadow.default.orig


Next, we'll remove any USERID, root, factory, admin or user account with a single trailing digit:

sed '/^USERID[0-9]:/d;/^root[0-9]:/d;/^factory[0-9]:/d;/^admin[0-9]:/d;/^user[0-9]:/d;s/USERID/admin/g' /etc/passwd.orig >/etc/passwd

sed '/^USERID[0-9]:/d;/^root[0-9]:/d;/^factory[0-9]:/d;/^admin[0-9]:/d;/^user[0-9]:/d;s/USERID/admin/g' /etc/shadow.orig >/etc/shadow

sed '/^USERID[0-9]:/d;/^root[0-9]:/d;/^factory[0-9]:/d;/^admin[0-9]:/d;/^user[0-9]:/d;s/USERID/admin/g' /etc/shadow.default.orig >/etc/shadow.default

Lastly, if you have both USERID and admin accounts on the switch it is recommended to delete the USERID account.  This prevents confusion and removes a well-known account (and default PASSW0RD).

cp /etc/passwd /etc/passwd.orig2
sed '/USERID/d' /etc/passwd.orig2 >/etc/passwd

cp /etc/shadow /etc/shadow.orig2
sed '/USERID/d' /etc/shadow.orig2 >/etc/shadow

cp /etc/shadow.default /etc/shadow.default.orig2
sed '/USERID/d' /etc/shadow.default.orig2 >/etc/shadow.default


The "cloned" user IDs should no longer appear in the user list when running "userconfig --show -a".
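A dry-run check for the cleanup described in this thread, added here as an example and not part of the original post: it filters a copy of the account file, lists the names that would be removed, and rejects any candidate that loses a base account or still contains a clone. The sample account lines, the function names and the scratch directory are constructed for illustration; it assumes a POSIX shell with grep -E, cut and mktemp.

```shell
#!/bin/sh
# Constructed sample in /etc/passwd layout (invented fields, not from a real switch).
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/sh
root0:x:0:0:root:/root:/bin/sh
root1:x:0:0:root:/root:/bin/sh
factory:x:0:1:Diagnostics:/tmp:/bin/sh
factory0:x:0:1:Diagnostics:/tmp:/bin/sh
factory1:x:0:1:Diagnostics:/tmp:/bin/sh
admin:x:0:600:Administrator:/tmp:/bin/sh
USERID0:x:0:600:Administrator:/tmp:/bin/sh
USERID1:x:0:600:Administrator:/tmp:/bin/sh
user:x:0:602:User:/tmp:/bin/sh
user0:x:0:602:User:/tmp:/bin/sh
user1:x:0:602:User:/tmp:/bin/sh
EOF
}

# A clone is a default account name plus exactly one digit as the whole first field.
CLONE_RE='^(USERID|root|factory|admin|user)[0-9]:'

# Names that the cleanup would remove from file $1.
list_clones() { grep -E "$CLONE_RE" "$1" | cut -d: -f1; }

# File $1 with the clone lines filtered out, written to stdout.
strip_clones() { grep -Ev "$CLONE_RE" "$1"; }

# Succeeds only if candidate $2 keeps every base account present in $1
# and contains no clone line. Run this before overwriting the live file.
verify_candidate() {
    for name in root factory admin user; do
        if grep -q "^$name:" "$1" && ! grep -q "^$name:" "$2"; then
            echo "refusing: base account '$name' would be lost" >&2
            return 1
        fi
    done
    ! grep -Eq "$CLONE_RE" "$2"
}

# Dry run on copies in a scratch directory; nothing under /etc is touched.
work=$(mktemp -d)
sample_passwd > "$work/passwd.orig"
strip_clones "$work/passwd.orig" > "$work/passwd.new"
echo "would remove: $(list_clones "$work/passwd.orig" | tr '\n' ' ')"
verify_candidate "$work/passwd.orig" "$work/passwd.new" && echo "candidate keeps all base accounts"
```

The same check applies to /etc/shadow and /etc/shadow.default, whose first field is also the account name.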
