For Junos Space and its associated applications, if you have forgotten the password to the super account (or have locked yourself out of the account), you can reset the password and/or unlock the account by modifying the super user’s entry in the
build_db DB of MySQL; via the Unix CLI in Space’s “debug” mode.
However in release 17.2R1, the default password of the jboss user (which is required in order to access the MySQL CLI in the first place) has changed. As far as I can tell, Juniper has not documented this anywhere.
Previously, you would access the MySQL CLI using the user jboss and the password netscreenos:
In Space 17.2R1, the same credentials do not work:
So if you’ve locked your super user account or forgotten its password, what do you do now?
New SQL password
It seems as of 17.2, during installation, Space will automatically generate a random password for the jboss user of the MySQL database.
Lucky for us (?), Space also stores this generated password in plaintext (!! 😱) for us to reference.
The passwords are located at:
Dumping them to screen, we can copy the password for the jboss user:
You want the
mysql.jboss= string, which in the example above is:
This is your password to authenticate the MySQL jboss user!
You can now access the MySQL CLI:
<YOUR-JBOSS-PASSWORD> with the string retrieved above. You will now have access to the CLI.
Fixing the super account
Now that we have the password to access our MySQL CLI, we can finally unlock or reset the super account to regain access to our Space applications.
Unlocking the super account
If the super account is locked, you can unlock it from the MySQL CLI. Enter the following two DB queries/commands at the
mysql> shell prompt:
The super account should now be unlocked.
Changing the super account password
If you have forgotten the password to the super account, you can change it via the MySQL CLI. Enter the following two DB queries/commands at the
mysql> shell prompt:
<YOUR-NEW-SUPER-PASSWORD> with the new password you want to assign to the super user.