Hi all,

I have the problem that I deleted by last ldap import the local admin, or is replaced with the ldap admin. My knowledge, but the local admin can not be deleted or replaced.
How do I get it back?

Many thanks in advance
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Answers

0
Are you able to login with any admin account? If the local admin account was your only admin account, I hope you had SSH enabled. If SSH is enabled, support can remote into your K1000 and add the account manually.
Answered 01/23/2012 by: airwolf
Tenth Degree Black Belt

Please log in to comment
0
You can log into the console of your appliance with the username/password of netdiag/netdiag which will allow you to reset the password of the local admin user.

I am not sure that an LDAP sync would have the ability to delete your local admin account, so I recommend going with the password reset option, which will allow you to confirm this (at least).
Answered 01/23/2012 by: scottlutz
Orange Senior Belt

Please log in to comment
0
No, this is not the problem. Due to the ldap import so I can log on to the Kace. But I had also read that this local account can not be deleted.
The local "admin" admin was called. In my AD I also have an account named "admin". By importing the local admin has been replaced by the admin of the AD. If I delete the ldap user admin I can not get local again. Is there another way?
Answered 01/23/2012 by: THoesen
Senior Yellow Belt

Please log in to comment
0
The import doesn't matter... do you have LDAP authentication enabled? I believe the K1000 is SUPPOSED to use local authentication first, but in my experience it won't authenticate any local accounts while LDAP authentication is enabled. So, it's most likely that the local admin account is there but it will not authenticate because the K1000 is automatically trying to login with LDAP credentials.
Answered 01/23/2012 by: airwolf
Tenth Degree Black Belt

Please log in to comment
0
The local Admin account will always work, even if LDAP/AD auth is enabled and configured. This is be design to allow for cases when a DC is unavailable.
Answered 01/23/2012 by: scottlutz
Orange Senior Belt

Please log in to comment
0
Scott, I realize that is how it's supposed to work. However, I've taken my DCs offline and still fail to authenticate locally. This is a bug that I've made Dell KACE aware of probably 6-8 months ago. I'm not sure if it's fixed in 5.3 or not (we're still on 5.2).
Answered 01/23/2012 by: airwolf
Tenth Degree Black Belt

Please log in to comment
0
I'm not sure if it's fixed in 5.3 or not (we're still on 5.2).

It works a treat in in my 5.3 demo install ;)
Answered 01/23/2012 by: scottlutz
Orange Senior Belt

Please log in to comment
0
K1000/K2000 Local admin account is the ONLY local account that remains active when LDAP is enabled. As scott says, this is to allow an administrator to gan access to the server in the event of failure or misconfiguration of LDAP services.

@THoesen - are you saying that you had an account named admin in LDAP, and now you must use the LDAP password to log in with it? If so, please contact support for further guidance.
Answered 01/23/2012 by: cblake
Red Belt

Please log in to comment
Answer this question or Comment on this question for clarity