Enable disabled user account from command line

chrisxps

Hi All,

I need some help...

Some time back created a new Admin account and disabled the old one, at the time everything worked fine

After the 2.4.4 update i can no longer access user management (only change my password)

How can i re-enable the admin account, i have edited the config file to remove the "disabled" tag in the hope that restarting the webconfigurator would reload it and allow access, nut no it doesn't

Rebooting the appliance is not an option as its in front of services that are in constant use

Surely it can be re-enabled via command line?

Thanks in Advance

Gertjan

@chrisxps said in Enable disabled user account from command line:

Rebooting the appliance is not an option as its in front of services that are in constant use

I didn't test drive this situation to the end, by actually disabling the 'admin' account.
Creating a second admin called "admin2", member of the "admins" group still doesn't make it a real 'admin'.
Normally, non trusted devices (== people= shouldn't be connected on the LAN, but on some other OPTx interface. So no need to disable the admin, as it is only accessible to LAN (using firewall rules on other interface).
The console access can be protected using an "Authorized SSH Keys" - and a somewhat complicated password.

So, I guess you're in for a reboot because you managed to lock yourself out.

I'm not sure, but I have the impression a redmine mentions this issue.

JeGr

@chrisxps said in Enable disabled user account from command line:

How can i re-enable the admin account, i have edited the config file to remove the "disabled" tag in the hope that restarting the webconfigurator would reload it and allow access, nut no it doesn't

Do you have "sudo" installed? Otherwise do you know the (old real admin's) password? You could then use SSH to connect, su or sudo su - to the real root user and manually install the System Patches Package and apply the patch for the user management bug.

Derelict

@JeGr said in Enable disabled user account from command line:

You could then use SSH to connect, su or sudo su - to the real root user and manually install the System Patches Package and apply the patch for the user management bug.

It's just a bad link in the menu. You can always just manually go to https://blah.blah.blah/system_usermanager.php

Gertjan

@Derelict said in Enable disabled user account from command line:

It's just a bad link in the menu

So there was (is) a redmine ....

Derelict

Yes. It'll be fixed in 2.5.

https://redmine.pfsense.org/issues/9541

JeGr

@Derelict said in Enable disabled user account from command line:

It's just a bad link in the menu. You can always just manually go to https://blah.blah.blah/system_usermanager.php

Absolutely but an admin user (with sudo or su capabilities) can still install the fix that way even if it has trouble accessing the UI :) Installing pfSense-pkg-System_Patches via sudo/su and adding the patch that @jimp mentioned in threads/redmine is working that way ;)

chrisxps

Thanks All,

Genuinely don't know why i didn't just try the url (facepalm) haha