Hi Adityo Ari Nugroho ,

I understand your issue.

Please check the below KB Article which provide all steps that was guided you on phone. In case you are not able to open the KB due to your credential issues, please let me know.

http://kb.pulsesecure.net/InfoCenter/indexpage=content&id=KB18191&actp=search&viewlocale=en_US&searc...

Also can you change the encryption method of local password to DES.

Note: If I have answered your questions, you could mark this post as accepted solution, that way it could help others as well. Kudo will be a bonus thanks!

Regards,
Kannan

Hi Adityo Ari Nugroho ,

I understand your issue.

Please check the below KB Article, In case you are not able to open the KB due to your credential issues, please let me know.

http://kb.pulsesecure.net/InfoCenter/indexpage=content&id=KB18191&actp=search&viewlocale=en_US&searc...

Also can you change the encryption method of local password to DES.

Note: If I have answered your questions, you could mark this post as accepted solution, that way it could help others as well. Kudo will be a bonus thanks!

Regards,
Kannan

What's the Password encryption you are using ?

CAn you post the o/p of /etc/shadow

Thanks

Hi Ashish,

From the shadow file, it looks like the RHEL is using SHA512 (code type 6), cmiiw.

[root@sbr radius]# cat /etc/shadow root:$6$d85lYuB4$CFLuaJGq8VUnj1x9Xps1kY.EjjZXPmz0efVbzYQFrR9HK/p67Qup4ugsoCi4Y8e9dYDL39v3YiJ1cojXmdU5g.:15988:0:99999:7::: bin:*:14992:0:99999:7::: daemon:*:14992:0:99999:7::: adm:*:14992:0:99999:7::: lp:*:14992:0:99999:7::: sync:*:14992:0:99999:7::: shutdown:*:14992:0:99999:7::: halt:*:14992:0:99999:7::: mail:*:14992:0:99999:7::: uucp:*:14992:0:99999:7::: operator:*:14992:0:99999:7::: games:*:14992:0:99999:7::: gopher:*:14992:0:99999:7::: ftp:*:14992:0:99999:7::: nobody:*:14992:0:99999:7::: dbus:!!:15559:::::: vcsa:!!:15559:::::: rpc:!!:15559:0:99999:7::: abrt:!!:15559:::::: haldaemon:!!:15559:::::: ntp:!!:15559:::::: saslauth:!!:15559:::::: postfix:!!:15559:::::: rpcuser:!!:15559:::::: nfsnobody:!!:15559:::::: sshd:!!:15559:::::: tcpdump:!!:15559:::::: oprofile:!!:15559::::::

 What encryptions are supported by the SBR Administrator?

Kannan,

I stumbled upon an error page while trying to open the linked KB.

Hi Adityori,

Find the below information to resolve your issue,

In Steel-Belted Radius 5.0 or later it is possible to recreate the initial administrator account; so that you can regain access to the Admin GUI.

In Solaris / Linux:

Login as the root user and open a command shell.

Navigate to the Steel-Belted Radius directory:

The default SBR 5.x location is /opt/funk/radius.

The default SBR 6.x location is /opt/JNPRsbr/radius.

Issue the following commands:
echo <username> > initial_admin_account.dat

cat initial_admin_account.dat (ensure that username is in .dat file)

./sbrd restart

Note: The <username> should be the actual username of an admin account. You must remove the <> surrounding the name. There is a redirect '>' used in the echo or cat commands to send the output to the file.

The file should be read and then deleted during SBR's startup process.

Verify that the file has been removed.

Once the service has restarted, attempt to login to the Admin GUI with the same username provided in initial_admin_account.dat.

Hope this should resolve your issue.

Note: If I have answered your questions, you could mark this post as accepted solution, that way it could help others as well. Kudo will be a bonus thanks!

Regards,
Kannan

Hi,

I've changed the encryption to DES using chpasswd command and it worked like a charm. I wonder if there is a more elegant method of changing the encryption without that command.

Thanks.

Hi Adityoari,

I am gald that the suggestion provided resolved your issue

Regards,

Kannan