How to reset root password of NetScaler SDX

How to reset root password of NetScaler SDX

book

Article ID: CTX212060

calendar_today

Updated On:

Description

This article describes how to reset the root password of NetScaler SDX running on XenServer.

Note: If you are a XenServer user, do not refer to this article. Instead, see the XenServer documentation.

Background

For the XenServer component of a NetScaler SDX, a lost root password can be overwritten through the use of "linux single user mode" access. The purpose of single user is to utilize physical access to the host, reboot it, pass in temporary kernel flags, and boot directly into the single user (root) shell. From there, the root password can be set to a known token. The host must be rebooted for the changes to take affect.

Points to Note

You will require physical access (iLO, DRAC, console, or physical console) to the SDX to complete this procedure.

The following are some of the points to note before starting this procedure:

  • At least two reboots will be required to complete this procedure.
  • The entire process should take no more than 10 minutes.
  • Read the instructions  in their entirety as there is a small window of time to interact with the boot process.

Instructions

Complete the following step to reset the root password of NetScaler SDX running on XenServer.

  1. After gaining physical or iLO/iDRAC access to the SDX in question, reboot it. With iLO and iDRAC, there's options to hard or soft reset a system and either of the options are fine.

  2. Check the boot process carefully, you will only see the following for about 5 seconds:

  3. Immediately type the following and press Enter key:
    menu.c32

  4. The menu.c32 boot prompt will appear. You will only have about 5 seconds to select the "xe" entry and then press tab key to edit the boot options:


    Note: If console connection is used. You might need to select "xe-serial" if the process freezes on booting.

  5. At the bottom of the screen, you will see the boot entry information.

  6. Near the end, you should see "console=tty0 quiet vga=785 splash quiet", replace "quiet vga=785 splash" with "linux single":

  7. Press Enter key to boot into Linux single user mode. You should eventually be dropped into a command line prompt.

  8. Now you can reset the root password by executing the Linux command: 
    passwd

  9. When prompted, enter the new root user password. You will be asked to verify it and upon success you should see the following:

  10. Enter the following command to reboot the SDX:
     

    reboot

  11. This will reboot the SDX:

     

  12. Let the system fully reboot and present the xsconsole. To verify that the new password has taken effect, select "Local Command Shell" from xsconsole. This will require you to authenticate as the root user:

  13. If successful you will be dropped to the local command shell. This also means you can reconnect and manage the SDX using XenCenter with the new root password.


Procedure for Xenserver 7.1:

  1. Enter into Grub menu by rebooting the SDX device (Use the LOM console for a better experience.)
  2. Select the XenServer (Serial) option and edit by giving the keyboard entry "e"
  3. Change ro and replace it with rw. the locate keyword splash and replace it with init=/bin/bash
  4. Boot into the single user mode (it would be F10 or ctrl-x)
  5. Now you are booted into single user mode and change the root password by giving the command "passwd"
  6. Reboot the system by giving the command "exec /usr/sbin/init"
  7. Verify the root login on Dom0​​​​​​

Environment

The above mentioned sample code is provided to you as is with no representations, warranties or conditions of any kind. You may use, modify and distribute it at your own risk. CITRIX DISCLAIMS ALL WARRANTIES WHATSOEVER, EXPRESS, IMPLIED, WRITTEN, ORAL OR STATUTORY, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NONINFRINGEMENT. Without limiting the generality of the foregoing, you acknowledge and agree that (a) the sample code may exhibit errors, design flaws or other problems, possibly resulting in loss of data or damage to property; (b) it may not be possible to make the sample code fully functional; and (c) Citrix may, without notice or liability to you, cease to make available the current version and/or any future versions of the sample code. In no event should the code be used to support ultra-hazardous activities, including but not limited to life support or blasting activities. NEITHER CITRIX NOR ITS AFFILIATES OR AGENTS WILL BE LIABLE, UNDER BREACH OF CONTRACT OR ANY OTHER THEORY OF LIABILITY, FOR ANY DAMAGES WHATSOEVER ARISING FROM USE OF THE SAMPLE CODE, INCLUDING WITHOUT LIMITATION DIRECT, SPECIAL, INCIDENTAL, PUNITIVE, CONSEQUENTIAL OR OTHER DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Although the copyright in the code belongs to Citrix, any distribution of the sample code should include only your own standard copyright attribution, and not that of Citrix. You agree to indemnify and defend Citrix against any and all claims arising from your use, modification or distribution of the sample code.

Issue/Introduction

This article describes how to reset the root password of NetScaler SDX.
Powered by Wolken Software