How to: User Password Management for BIG-IP Next Central Manager¶
This document describes how users can reset, restore, change and forgotten password on BIG-IP Next Central Manager
Note: Forgot Password, Reset Password, Restore Password and Change Password are applicable for Local user. This is not available for Enterprise Authentication users.
Reset Forgotten Password¶
If you forget your BIG-IP Next Central Manager password, you can use this process to receive an email to reset it.
Prerequisite¶
To receive a reset password email:
SMTP must be configured on BIG-IP Next Central Manager.
Your email must be associated with your username on BIG-IP Next Central Manager.
Refer to How to: Set up users for SMTP notifications for details.
Procedure¶
If SMTP server is not configured in CM or the user’s email address is not added:
The user should contact the administrator to reset the password.
The administrator can follow the reset password flow mentioned below.
Note: There is no UI screen to configure SMTP server. The admin can configure the SMTP server via API only.
By sending the POST request to api/system/v1/smtp-servers
For the request payload, use the following example, modifying the values as required.
{
"server_name": "test_smtp",
"host": "mail.sample.com",
"port": 25,
"from_address": "admin@sample.com",
"encryption": "TLS",
"username": "admin",
"password": "admin",
"authentication_enabled": "true",
"description": "Test SMTP server"
}
For more information about this request, see OpenAPI documentation.
If SMTP server is configured in CM and the user’s email address is added:
From the BIG-IP Next Central Manager log in screen, click the Forgot Password? link. The Reset Your Password box opens.
Enter the Username and click on the Submit button.
A temporary password will be sent to the user’s email.
The user can reset their password using the temporary password, which is valid for 24 hours. If this temporary password expires(after 24 hrs), send another password change request by clicking the Forgot Password? link on the BIG-IP Next Central Manager login screen.
Change the Password¶
Use this procedure to change your password.
Procedure
Sign in to BIG-IP Next Central Manager with your current username and password.
At the top of the screen, click the down arrow and select Change Password.
Type your current password and specify a new password. The password must meet the criteria displayed on the screen.
Confirm the password you created by typing it in the Confirm Password field.
Click the Save button.
Prerequisite
Authenticate with the BIG-IP Next Central Manager API. For details refer to How to: Authenticate with the BIG-IP Next Central Manager API.
Use the following APIs to change the password:
Change the password by sending a POST request to
/api/change-password
endpoint.POST https://{{cm_mgmt_ip}}/api/change-password
For the request payload, use the following example, modifying the values as required:
{ "temp_password": "{{temp_local_user_1_password}}", "new_password": "{{local_user_1_password}}", "username": "{{local_user_1}}" }
For more information about changing the password using BIG-IP Next Central Manger APIs, see OpenAPI documentation.
Login with new password by sending the POST request to
/api/login
endpoint.POST https://{{cm_mgmt_ip}}/api/login
For the request payload, use the following example, modifying the values as required:
{ "username": "{{local_user_1}}", "password": "{{local_user_1_password}}", "provider_type": "Local", "provider_name": "Local" }
Reset the Password¶
Note: The new temporary password will be saved and shared with the user’s email if the SMTP server is configured; otherwise, the admin has to share this password via other means to the respective user.
Procedure
Log in to BIG-IP Next Central Manager as admin, click the Workspace icon next to the F5 icon, click System, and then click Users & Roles.
Click on the username for which you want to reset the password. The User Information screen displays.
Click on Reset this user’s password and a Reset Password screen will display.
Admin can select either:
Manually Enter:
Type your new password. The password must meet the criteria displayed on the screen.
Confirm the password you created by typing it in the Confirm Password.
Click Save, the new password will be saved.
You can now use this new password to sign in to BIG-IP Next Central Manager.
The user will be forced to change their password during the next login.
Randomly generate:
Click Generate, to generate a new random password.
Click the Save The new password will be saved.
You can now use this new password to sign in to BIG-IP Next Central Manager.
The user will be forced to change their password during the next login.
Restore previous: Refer to Restore Password section.
Prerequisite
Authenticate with the BIG-IP Next Central Manager API. For details refer to How to: Authenticate with the BIG-IP Next Central Manager API.
Use the following APIs to reset the password:
Update the email address by sending the PUT request to
system/v1/users/{user-id}
endpoint.PUT https://{{cm_mgmt_ip}}/api/system/v1/users/{{local_user_id}}
For the request payload, use the following example, modifying the values as required:
{ "username": "{{local_user}}", "email": "abc@example.com" }
For more information about updating the user information using BIG-IP Next Central OpenAPI documentation.
Reset the forgot password by sending the POST request to
/api/forgot-password
endpoint. You will receive a temporary password at the email address you provided in the previous step.POST https://{{cm_mgmt_ip}}/api/forgot-password
For the request payload, use the following example, modifying the values as required:
{ "username": "{{local_user}}" }
Note: Even after the admin resets a user’s password, the user still has two login options:
They can opt for the temporary password route, which will prompt them to change their password upon login. After changing the password, the user can log in with the updated credentials.
Alternatively, they can use their original password to access the system without the need to change it.
Restore the Password¶
Restore password does not need any email trigger. This restores to password that was there before reset. Use this procedures if you want to restore your password.
Note: Restore password cannot be done for new users without updating the password.
Procedure¶
Log in to BIG-IP Next Central Manager as admin, click the Workspace icon next to the F5 icon, click System, and then click Users & Roles.
Click on the username for which you want to reset the password. The User Information screen displays.
Click on Reset this user’s password and a Reset Password screen will display.
Select Restore previous and click Restore.
You can use your original password to login.