Admin login messed up since latest system update?

Since we updated to 10.13.66-16, our admin login seems to have disappeared. I’m the only one using it and I wouldn’t have otherwise messed with the login. Logging in to the terminal still works but we couldn’t get in to the web GUI.

We luckily had an alternate extension with full admin rights, so we recreated the “admin” user, but it still does not seem to be trickling over to iSymphony.

Does anyone know if there are any confirmed instances of an update causing the default admin account to vanish, how we can avoid it if so, and how we can regain admin access to iSymphony?

The rumor is that an update a couple weeks ago deleted the “static” admin user and the system is expecting it to be in UserMan. There’s a post from last week that talks about using the “hidden” session variable on the screen to access the GUI without logging in. Note that you will need console access to the server to make this happen.

Once you get in, set up your “admin” user in UserMan and you should be in relatively good shape.

As to the iSymphony thing - I vaguely recall someone explaining how to get that working from a couple of weeks ago. It’s all part of the same admin user login thing.

Yes sorry if we have not been completely transparent about this. We were trying to eliminate Administration users on exploited systems that were added by exploits themselves. Unfortunately one of these was named ‘adm’ which matched a regular expression. The fix was made here: https://github.com/FreePBX/framework/commit/3e683db3f9eba69ac83e933288d15c1a9a6167b4

It has nothing to do with User Manager and was only “live” for about 6 hours.

I see… well, luckily I had an alternate admin account so I wasn’t locked out of the GUI, but I’m still completely unable to get into iSymphony since that happened. I went into the iSymphony FreePBX module and unchecked/rechecked the “Sync with User Management” box, applying config each time, and even rebooted the iSymphony service, but it won’t accept “admin” or my full admin users into the iSymphony Admin Portal. I put in a ticket with Ryan at iSymphony support but he didn’t have any ideas besides resynchronizing against UserMan.

I’m kinda hoping someone might have a solution because we have a backlog of changes we need to do with iSym and we’re locked out of it.

I figured it out with iSymphony support; the solution was that even though I took an extension and gave it “full admin” in the extensions module of FreePBX, there is another section in FreePBX under Admin -> Administrators where the original “admin” account must be re-added. Once we put the account back there we were able to get back in to iSymphony.

OK well iSymphony should be pulling from User Man not Administration module as that is being removed in FreePBX 14.

@BigChief - since you’re working with the iSymphony folks already, you might want to ping them back with this new revelation…

http://issues.freepbx.org/browse/FREEPBX-12550

Let me understand this completely.

I have two FreePBX systems and I could not log in to either GUI tonight using the admin user and my set password. Luckily, on one system my Firefox browser still had a cookie, I guess, that let me in. How do I get into my other system? I cannot find the post from last week on the “hidden” session variable.

What are the correct words to search for? Or what is the sequence and only from a console attached?

So… now I need to set up a user admin or whatever, under user management or administrators. I would have to imagine it is administrators. Wish I would have followed this a bit more closely some time ago.

Finally found the answer using Google. fwconsole unlock and the php session. Recreated user in Administrators for now and will eventually do whatever I need to do in User Management.

Argh.

John

Far be it from me to order anyone around, but seeing posts from these other users confused by vanishing admin accounts, I’m thinking maybe y’all should put up some sort of advisory about the situation. A six hour window could have affected a lot of users. Is there anything like a general email blast when major bugs or vulnerabilities show up? We’d all like to hope it’d never have to be deployed but mistakes do happen.

I’ve explained what happened and linked to said ticket in other posts. I don’t think this needs an advisory. It happened almost three weeks ago. It’s a little late for any of that at this point. Announcing anything at this juncture will only cause more harm than good. Announcing it originally would also do the same. Should we announce all bugs in our software? What makes a bug announceable to you might be different for other users. Not everyone uses the administrators module (there are three other ways to log in to freepbx). How do we know what users to email? This would all have to be discussed internally and worked through to come up with reasonable guidelines.

As we’ve stated in the past we do not have an rss or email blast for vulnerabilities at this time. The notification system, if configured in freepbx, will alert you when vulnerabilities come out.

Andrew, we surely got notified! Suddenly and in a surprising and somewhat scary manner! I can certainly understand doing more harm than good, but maybe just a courtesy sticky on the forum that stated:

“Hear ye, hear ye! Soon you may not be able to log in as admin. Please ensure that you have configured an administrative user under User Management or Administrators, which will eventually be going away.”

Not trying to whip a dead horse or stir things up… just trying to help. But, it’s your business and we’re all plugging along!

John

The only people who were/are unable to log in as admin were those few people who were unlucky enough to download framework in that 6 hour period it was broken, three weeks ago.

… and the list lit up like crazy and Rob posted the instructions on how to get logged in without using the ‘maint’/‘admin’ users.

While it doesn’t seem like it most days (based on the questions people ask) there is a search function for the forum. Searching back through the list and finding this question basically asked every other day for most of the last month should be a clue.

Oh, and by the way, one of the reasons we got bit by this particular change was because we were also in the middle of a group of hackers trying to exploit the “Hotel Wakeup Call” vulnerability. Because these two events coincided, lots of people had to use the admin login workaround to get in.

Dave,

Sorry I missed all this when it happened as I was still able to log in without any problem due to a cookie being dropped. And Yes, I did STF and scrolled through the pages. Google came to the rescue as IMHO the search function on this forum is lacking or at least in the way and results I am accustomed to searching. Nothing like getting stuff from 2013 and going through that as well!

Dave, I feel that we are being chastised.

Time to sign off on this! Done. And out.

John