I always forget my Cisco Identity Service Engine’s (ISE) command-line interface (CLI) and graphical user interface (GUI) password and have Googled many times how to change these two. Resetting the GUI password requires CLI access; therefore, resetting the CLI password comes first if both are inaccessible.
Reset CLI Password
In order to change the CLI password, the password recovery tool in the ISO image needs to be used. There are some necessary steps to launch this tool. Those steps include the following.
- Mount ISE ISO file
- Change boot option in basic input/output system (BIOS)
- Power on VM
- Unmount ISO file
- Reload
1. Mount ISE ISO file
Add the CD/DVD Drive by right-clicking the VM and choosing “Edit Settings…”, and select “ADD NEW DEVICE”. I have pre-uploaded the ISE ISO image in the datastore of vCenter Server, and choosing “Datastore ISO file” allows us to select that file.
2. Change boot option in basic input/output system (BIOS)
Enable “Force BIOS setup” in VM Options to change the boot sequence for the VM to boot from the mounted ISO file.
3. Power on VM
After powering on the VM, it will launch system utilities from the ISO. Enter 1 for the following menu.
Available System Utilities: [1] Recover Administrator Password [2] Virtual Machine Resource Check [3] Perform System Erase [q] Quit and reload Enter option [1 - 3] q to Quit:
Enter 1 and change the password of the admin following the prompt.
------------------------------------------------------------------------- ------------------------ Admin Password Recovery ------------------------ ------------------------------------------------------------------------- This utility will reset the password for the specified ADE-OS administrator. At most the first five administrators will be listed. To Abort without saving changes, enter [q] to Quit and return to utilities menu ------------------------------------------------------------------------- Admin Usernames : [1] admin Enter choice [1] or q to Quit :
After changing the admin password, the screen will change back to the system utilities menu. Don’t restart the VM by entering [q] just yet, dismounting the ISO file comes first.
4. Unmount ISO file
Follow the same procedure taken in 1, and unmount the ISO file by removing the CD/DVD drive, or unticking the connected box.
5. Reload
Finally, reload the VM by entering [q] in the system utilities, and login username admin and the new password.
Reset GUI Password
Once gaining access to CLI, execute the below command to change the GUI password.
application reset-passwd ise <username>
In my case, the username equals admin.
In addition, the password for ISE GUI admin expires in 45 days by default. For lab environments, this becomes a pain in the neck. Go to Administration > System > Admin Access > Password Policy to change the default password expiration configuration. I have disabled all policies for the ease of labbing.