FortiAnalyzer
mdeparisse_FTNT
Article Id 198322

Description


This article describes how to recover access to FortiManager/FortiAnalyzer VM when the admin password is lost and no configuration backup is available.


Scope


FortiAnalyzer and FortiManager.

Solution

 

This article is for VMs without snapshots. If the VM uses snapshots, this procedure risks data loss and corruption of service.


Any action taken upon the information in this article is strictly at personal risk.

 

VM Based FortiManager and FortiAnalyzer.

1) Download the OVF file for the current firmware version (described in more detail later in this article). Make sure to select the firmware version that is currently running on the machine, to avoid any issue caused by a downgrade or an unwanted upgrade.

2) Extract the fmg.vmdk file from a new .vmware.zip archive. Rename it fmg2.vmdk and add it to the directory where the existing FMGVM is stored.

3) Create a new SCSI disk (0:2 since 0:1 is used by DATADRIVE) and map it to this new fmg2.vmdk file.

4) Delete the original SCSI 0:0 disk.

5) Remap the new SCSI 0:2 disk to 0:0.
 
6) This replaces the original disk. The unit can then be powered on, the System Settings reconfigured (as described at the bottom of this KB article), and the VM license re-applied.

VMware vSphere Hypervisor (ESX/ESXi) and VMware vSphere Client.

1) Download the OVF file for the current firmware version (described in more detail later in this KB). Make sure to select the firmware version that is currently running on the machine, to avoid any issue caused by a downgrade or an unwanted upgrade.

2) Extract the fmg.vmdk file from a new .vmware.zip archive and rename it fmg2.vmdk.

3) Upload fmg2.vmdk to the host datastore where the original file (fmg.vmdk) is located.

4) Log in to the ESXi host via SSH.

5) Convert the fmg2.vmdk file, choosing a different name for the converted file ('fmg2-convert.vmdk' in the example below):

 

[jdvorak@chyost:~] vmkfstools -i /vmfs/volumes/data2/FortiManager-VM/fmg2.vmdk /vmfs/volumes/data2/FortiManager-VM/fmg2-convert.vmdk
Destination disk format: VMFS zeroedthick
Cloning disk '/vmfs/volumes/data2/FortiManager-VM/fmg2.vmdk'...
Clone: 100% done

 

6) Rename the converted file 'fmg2-convert.vmdk' to the original fmg disk 'fmg.vmdk' as follows:

 

[jdvorak@chyost:/vmfs/volumes/547d0cf2-3d7fec60-aee2-00215a0dc088/FortiManager-VM] mv fmg2-convert.vmdk fmg.vmdk

 

7) This replaces the original disk. The unit can then be powered on, the System Settings reconfigured (as described at the end of the article), and the VM license re-applied.

8) After rebooting the VM, in some cases the customer will get the error 'There no Operating System'.

9) If the issue occurs, re-deploy a new instance and follow the same settings as the original instance.

10) The hard disk that stores the log data needs to be copied from the original instance to the new instance.

11) Do not delete the original instance even after the new instance has been added.
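
Steps 5 and 6 of the ESXi procedure can be wrapped in a small script that refuses to run when a file is missing or would be overwritten, and that keeps the original fmg.vmdk under a backup name for rollback. This is an added example, not part of the original article or of Fortinet's tooling; the function name swap_boot_disk, the CLONE_CMD override and the '.orig' backup suffix are assumptions, and the VM is assumed to be powered off.

```shell
#!/bin/sh
# Added example (not from the article): convert fmg2.vmdk and swap it in as fmg.vmdk.
# Hypothetical names: swap_boot_disk, CLONE_CMD, the ".orig" backup suffix.
# CLONE_CMD defaults to vmkfstools, the tool the article uses; override it to
# rehearse the file handling on a machine that is not an ESXi host.

swap_boot_disk() {
    vm_dir=$1                        # e.g. /vmfs/volumes/data2/FortiManager-VM
    new=$vm_dir/fmg2.vmdk            # disk uploaded in step 3
    conv=$vm_dir/fmg2-convert.vmdk   # conversion target from step 5
    orig=$vm_dir/fmg.vmdk            # boot disk that step 6 replaces

    # Pre-flight: both inputs must exist, and nothing may be overwritten.
    [ -f "$new" ]  || { echo "missing $new" >&2; return 2; }
    [ -f "$orig" ] || { echo "missing $orig" >&2; return 2; }
    [ ! -e "$conv" ] || { echo "$conv already exists" >&2; return 3; }
    [ ! -e "$orig.orig" ] || { echo "$orig.orig already exists" >&2; return 3; }

    # Step 5: clone the uploaded disk under a different name.
    ${CLONE_CMD:-vmkfstools} -i "$new" "$conv" || return 4
    [ -f "$conv" ] || { echo "conversion produced no $conv" >&2; return 4; }

    # Step 6, made reversible: move the original aside instead of overwriting it.
    mv "$orig" "$orig.orig" || return 5
    if ! mv "$conv" "$orig"; then
        mv "$orig.orig" "$orig"      # roll back so the VM still has its old disk
        return 5
    fi
    echo "replaced $orig; previous file kept as $orig.orig"
}

# Usage on the host: swap_boot_disk /vmfs/volumes/data2/FortiManager-VM
```

A non-zero return code means nothing was replaced: 2 for a missing input, 3 for a name collision, 4 for a failed conversion, 5 for a failed rename.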

 

Related Articles

Troubleshooting Tip: Restoring FortiManager or FortiAnalyzer configuration when admin password is lo...

Technical Note: FortiManager Tips and Best Practices Guide

Technical Tip: How to recover access to FortiManager or FortiAnalyzer when the admin password is los...

Technical Tip: How to change Admin default User
