Sunday, 4 October 2015

CUCM Passwords & Recovery


CUCM passwords

During CUCM installation, you must specify the following user names and passwords:
  • Application user name and password
  • Administrator Account user name and password 
  • Security password

Application password

It  is used for the login on Cisco Unified CM Administration, Cisco Unified  Serviceability, Cisco Unified Reporting pages and Real Time Monitoring  Tool.
The Application User name must  start with an alphabetic character, must be at least six characters  long and can contain alphanumeric characters, hyphens and underscores.

You can reset the application username/password from CUCM OS CLI using the command

utils reset_application_ui_administrator_name
utils reset_application_ui_administrator_password

Administrator Account password

It  is used for the login on Cisco Unified OS Administration, Disaster  Recovery System pages and Command Line Interface  (CLI) login.
The  Administrator Account user name must start with an alphabetic  character, must be at least six characters long and can contain  alphanumeric characters, hyphens and underscores.

To change admin password, you can run the CLI command 'set password user admin'

Note: You need to have the old password in order to change to new one

Security password

It  is used by the CUCM nodes to authorize communications with other nodes within a cluster. You  must ensure that this password is identical on all nodes in the cluster.
The Security password must be at least six characters long and can contain alphanumeric characters, hyphens, and underscores.

To change the security password, you can run the CLI command 'set password user security'

Note: You need to have the old password in order to change to new one

Password Recovery

In case you lose administrator password or security password, you can recover it using the following procedure (you don't need the old password in this procedure):

  1. Login to CUCM OS CLI using the account (username:pwrecovery/password:pwreset)
  2. Insert a valid CUCM DVD and press any key
  3. Remove the DVD and press any key
  4. You will be promoted to select whether to recover the admin password or security password.
  5. Go through the instructions to complete the change

Note: In case you are recovering the security password, you need to do it in each node in the cluster and restart it

2 comments:

  1. The unsupported alternative is to actually recover the passwords instead of resetting. Boot the UCOS host using a Linux rescue CD and extract the platformConfig.xml file from the filesystem. From there you can use the UCOS Password Decrypter app to read the file and output the decrypted passwords.

    http://www.adhdtech.com/uctools.html

    ReplyDelete