Hello colleagues.
Totally bizarre to think that am the first guy who encountered such a hardship but I cannot find any useful guide on how to reset forgotten admin password. AI helper also gives nothing.
So I have root access over ssh to TrueNAS server. But i have lost web admin password. I am pretty sure there must be some way to reset it. Right? =)
OS version is TrueNAS-SCALE-24.10.0.2
Of course there is. Use the console menu. Itās on the console, of course, or cli --menu will get you there.
Thanks.
Hereās what i see
root@truenas[~]# cli --menu
1) Configure network interfaces
2) Configure network settings
3) Configure static routes
4) Change local administrator password
5) Reset configuration to defaults
6) Open TrueNAS CLI Shell
7) Open Linux Shell
8) Reboot
9) Shutdown
Enter an option from 1-9: 4
Please choose a local administrator to change password:
1) root
Enter an option from 1-1:
root password seems not the one i need to loginf to the web UI?
Use passwd command while logged into root to change ātruenas_adminā passsword?
So root is the user youād use to log into the web UI, apparently. And if you already have that password (as Iād expect you do), thereās nothing to be doneājust log in.
Is this an install migrated from CORE?
Did you follow the migration instructions and create an admin account during the migration?
It looks like you kept using the root account and never made a proper admin account.
Not really. I have used default user name. Which is admin. Not root.
Btw, if i try to login as root i fail due to wrong credentials. ĀÆ_(ć)_/ĀÆ
That would be too easy =)
root@truenas[~]# passwd truenas_admin
passwd: user 'truenas_admin' does not exist
I guess truenas_admin is not an OS user. Rather application user, stored somewhere in databaseā¦
My admin user is in /etc/passwd, itās just not called anything with āadminā in the name because I followed best practices and created a custom one (using the UI).
Something funky is going on with your install. Things do not add up. What is your update history? How did you get to the version you are no right now (TrueNAS-SCALE-24.10.0.2)?
SCALE used to default to āadminā and only later changed to ātruenas_adminā, have you looked for both?
The truenas PAM configuration locks out password changes via the passwd command due to its lack of integration with our configuration database (at least in newer versions). If you were to change password this way, then the change would be undone the next time the middlewared process syncs password with the /etc/shadow file.
root@bobnas[/home/admin]# passwd admin
passwd: Authentication token manipulation error
passwd: password unchanged
If you totally donāt have any password access at all to NAS, use the cli access to reset password for root / admin / truenas_admin account on NAS, then log in to UI using that cred and reset any other relevant cred through the UI.
Maybe at some point I could write a PAM module to handle pam_sm_chauthtok(3) and pass through request to middleware via AF_UNIX socket for middlewared. This would require some design to work properly and juice is probably not worth the squeeze.
Thanks. Iāve really tried to find something useful about CLI. But even official AI bot tells me, that:
For CLI usage, you might find some commands documented within the system or community forums, but there is no dedicated CLI reference in the official 24.10 documentation.
Would you please help me to navigate over this bizarre place CLI</air quotes>?
Donoā¦ Iāve just installed it half a year ago or so, and didnāt use till recently
Both accounts are not accepted right. but i recall it was truenas_admin. Not admin
You used it yourself earlier in the thread.
Normally, root is disabled from web UI login when an alternative admin account is set up. But since you appear to not have any other account than root, try using the cli --menu previously mentioned to set the root password to something you know, and then try logging in to the web UI with root and whatever password you chose.
OK. In the end, the magic reboot did the trick. 
Before i desided to reboot it i saw the following
Please choose a local administrator to change password:
1) root
Enter an option from 1-1: 1
Changing password for root
This action will disable 2FA
Password:
Retype password:
Traceback (most recent call last):
File "/usr/bin/cli", line 33, in <module>
sys.exit(load_entry_point('midcli==0.0.0', 'console_scripts', 'cli')())
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/midcli/__main__.py", line 292, in main
cli.run()
File "/usr/lib/python3/dist-packages/midcli/__main__.py", line 242, in run
process_menu_item(self.context, menu_items, text)
File "/usr/lib/python3/dist-packages/midcli/menu/items.py", line 143, in process_menu_item
menu_items[item][1](context)
File "/usr/lib/python3/dist-packages/midcli/menu/items.py", line 77, in manage_local_administrator_password
with context.get_client() as c:
File "/usr/lib/python3/dist-packages/midcli/menu/items.py", line 78, in manage_local_administrator_password
c.call("user.update", user["id"], {"password": p1})
File "/usr/lib/python3/dist-packages/truenas_api_client/__init__.py", line 484, in call
return self.wait(c, callback=callback, job=job, timeout=timeout)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/truenas_api_client/__init__.py", line 504, in wait
raise ClientException(c.error, c.errno, c.trace, c.extra)
truenas_api_client.ClientException: [err -110]: b'Connection timed out'
Then i decided to try this good old magic cheat =)
By the what the password has changed.