What is the "working" procedure for changing the default manager password?

I have followed the FAQ here:


which results in a broken system.

First of all, editing a text file on the Linux file system does not result in the GUI displaying a “Apply Configuration Changes” link. Submitting a page in the GUI, as recommended, causes your edit in /etc/amportal.conf to be overwritten with the default password. And, manually editing /etc/amportal.conf /etc/asterisk/extensions_additional.conf and /etc/asterisk/manager.conf and then restarting with service asterisk restart - OR just shutdown -r now results in freePBX unable to connect to asterisk and NOTICE[3892] manager.c: failed to authenticate as 'admin' in the logs.

This usually means the FAQ topic is stale, obsolete, and won’t work on the current version. So, is there something newer that will work?



yes the FAQ is probably stale on the current version and we will have a look at it.

for 2.10, which is the most recent current version, you should just change it in Advanced Settings. All updates are done automatically.

I had checked Advanced Settings and could not find the password for the manager there, only the portal admin which is not the same thing.

However, since editing the configuration files resulted in an authentication failure, and a grep of the file system could not find it, I assumed the password was stored elsewhere and did find it in the database.

will update the database and edit of /etc/asterisk/manager.conf seems to get them both in sync. So, it does not look like AMPMGRPASS keyword is exposed in the Advanced Settings GUI.

It looks like you want to update /etc/asterisk/manager.conf first, and restart asterisk. Then update the database, and finally do an update in the GUI which then propagates the change.

In advanced settings do you have the checkboxes and the top set to display the hidden variables.

What you found in the DB is in the Advanced Settings list (that’s where it gets generated from).

It’s cool you found it in the DB but it should not be this hard.

It’s in Advanced Settings, just make sure to expose all the readonly and hidden settings so you see everything.

As a fairly strict rule, if you think you have to go to the database to make a change, then you are not seeing something.

Even in cases where something is seriously broken and the GUI is not accessible any longer, there are usually CLI versions of commands that will let you make changes to get things back and going, including CLI commands to set the Advanced Settings that still go through proper validation and error checking to keep garbage form being introduced into the database.

Ok, yes, the “Display Readonly Settings” will expose the “Asterisk Manager” settings section - you must refresh the page in the browser, the refresh button on the page won’t do it.

I was fixated on finding the manager password and wasn’t paying attention to the dynamics of the page. I’m a trixbox convert and while it took a bit to figure this out it is so much easier than versions of days gone by - assuming you know what your doing.

Just a though - maybe you want to grey out [disable] the hidden and read only sections and then let the controls enable them rather than making them completely invisible. Might be less confusing from a usability perspective? I guess it depends on why the distinction is being made in the first place. Hidden things are usually not meant to be found, as in security by obscurity, where disabled items are more to prevent nasty accidents from happening by requiring a more deliberate action.

I’m good now having learned my lesson; I’m just thinking of the next guy.


The page refresh should happen right when you make that change in Advanced Settings unless you have other outstanding changes that have not been submitted.