Uninstall traps without password

Reply
Plawny
L1 Bithead

Uninstall traps without password

I need to uninstall traps but I forget the trap uninstall password(that is not default password)
what can I do now?

JamesChim
L2 Linker

Dear Plawny,

 

For the Traps 4.2.x, you can try the following step(s)

1. Login to ESM Console

2. Click Settings (from Top Menu) -> Agent (from Left Menu) -> Settings (from Left Menu)

3. Select the Existing Policy Setting for Agent, -> Edit

4. On the Agent Settings -> Agent Security

5. you can see the change Uninstall Password, and enable th

6. After you apply the setting, the client need check in again to update the policy/setting.

 

Thanks, JC

Plawny
L1 Bithead

how can I check my version. my application name is "Traps 6.1.2.21704". is 6.1.2.21704 my version numbwr?

JamesChim
L2 Linker

 

What is the default uninstall password of Traps agent?

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClOxCAK

Default Password: Password1

 

 

Cortex XDR - Agent Settings Profile

https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-prevent-admin/endpoint-security/custo...

> Reference STEP 7 Set an Uninstall Password

Define and confirm a password the user must enter to uninstall the Cortex XDR agent. The uninstall password is encrypted using encryption algorithm (PBKDF2) when transferred between Cortex XDR and Cortex XDR agents. Additionally, the uninstall password is used to protect tampering attempts when using Cytool commands.

The default uninstall password is Password1
A new password must satisfy the following requirements:
  • Contain eight or more characters.
  • Contain English letters, numbers, or any of the following symbols: !()-._`~@#"'.

 

Plawny
L1 Bithead

The problem is I forget the password ;(

JamesChim
L2 Linker

You have 3 way to handle your forget password.

1. set the new uninstall password to overwrite existing one via step7 link from last post. ** All Traps/Cortex client will change to new password**

2. recall your Memory what’s is your password, and keep try....

3. reinstall your computer, no need to password, but need backup all data.....

 

in above 3 way, I think you not consider the 1, and you tried the 2. Now you only have 3 can do.

if you still have support services, you can contact vendor to advise what’s should you do.

 

Plawny
L1 Bithead

Do i need password in 1?

JamesChim
L2 Linker

Yes, you need to find the existing agent polices/setting on cortex/esm console, you will see the set uninstall password is enabled, so you can disable on exiting setting or enter the new password. Up to your setting

After apply will effective the setting on next check in.

 

detail reference the kB from 1 website

JamesChim
L2 Linker

Please follow the KB to set uninstall password,

https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-prevent-admin/endpoint-security/custo...

 

STEP 7. Define and confirm a password the user must enter to uninstall the Cortex XDR agent. The uninstall password is encrypted using encryption algorithm (PBKDF2) when transferred between Cortex XDR and Cortex XDR agents. Additionally, the uninstall password is used to protect tampering attempts when using Cytool commands.
 
The default uninstall password is Password1
 
 A new password must satisfy the following requirements:
  • Contain eight or more characters.
  • Contain English letters, numbers, or any of the following symbols: 
    !()-._`~@#"'
    .

 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!