topic password policy has locked out the admin in General Topics

password policy has locked out the admin

ABlumhard — Wed, 30 May 2018 15:37:07 GMT

Is there a way to have an email warning if a password is going to expire? One of our palo alto (which is stigged) has locked every user out. This includes the emergency and admin accounts. I guess, now the only way to get back in is to to in via the management console via the palo alto, correct?

Re: password policy has locked out the admin

BPry — Wed, 30 May 2018 21:07:48 GMT

@ABlumhard,

Do you happen to know if you had setup a post expiration count or grace period value within the password profile. Really in these types of situations you would have wanted to make sure that you had a post expiration login count of at least 1 to allow the user to login after the password expired.

I believe in this case of sitaution you will be resetting the device, so hopefully you have a config backup. The email alert that you are looking to setup would be for system logs, however I'm not sure exactly what filter you would be required to set for this particular alert.

Re: password policy has locked out the admin

ABlumhard — Thu, 31 May 2018 12:33:27 GMT

I logged in as another user (who has, thankfully, admin rights) and was able to enter a new password for the admin. Went to the settings and changed the way we are notified (a week ahead now) etc.