Administrator Accounts

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Administrator Accounts

Not applicable

When I create new administrator accounts the accounts cannot login.  The palo alto system logs shows invalid username/password, but the name and password are being typed correctly.  anybody have any ideas why.

3 REPLIES 3

L6 Presenter

Is this a local account or by radius?

If its the later I think you need to login with ssh (or if it was webgui) first so the PA device will create the homedirectory for the useraccount otherwise the user cannot login over ssh (or if it was webgui).

L6 Presenter

I believe the admins created are using local password and are not using any RADIUS/LDAP authentication. After creating the local admins and committing the changes, if this is not working the only thing I can think of the new config changes are not getting applied properly to the device. Try committing the config changes with "commit force" command from the configuration mode of the cli and see if that works. Other thing you can try restarting the mgmt server with "debug software restart management-server"

L5 Sessionator

Hi,

In the authd logs please verify the following

Do you see a line "test admin is being authed using local acct":

or you just see "test admin is being authed"

If it is the second line you see it is possible that the authentication process has been locked by a user. To get rid of this issue please do the following

1. Make sure to save the configuration locally.

2. Reinstall the software on the device.(basically the software which is already installed)

3. When software is re installed it will ask the device to be rebooted. Please reboot the device

4. Verify that you are able to configure the user.

Just restarting the system might not solve the issue.

Let us know if this helps

Thank you

mbutt

  • 2632 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!