
Question of the Week: Can I recover an FME Server admin password if I forget it?



This question was asked in Live Chat this week, but to be fair it has come up several times from various users...

Q) I've forgotten the password to the admin account on our FME Server. Is there a way to recover it?

 

A) In short, no! But because the FME Server Support team has seen an increasing number of cases recently where a customer is unable to log in because of a forgotten password, I think it's worth outlining what the options are at this point, and how to avoid getting here in the first place!

What's the Default Admin Password?

Up until recent FMEs, the default administrator account used to be admin/admin. You can see why we felt that wasn't a good choice, because it's so easy to guess.

So now - although the default is still admin/admin - you are forced to change it when logging in for the first time. The username remains admin, but the password becomes one of your own devising.

I've Forgotten the Admin Password - Now What?

So at a later date you forget the admin password that you set, or your administrator has left without telling you what it is.

Is that a problem? Well, if Server is still functioning, then it can stay in use, processing jobs. But as soon as you need to carry out an administrative task such as adding a new user, then you are going to be stuck.

If you have the Reset Password option set, then you can simply request a password reset sent to the associated system email address. Now you can reset the password and log in.

Problem solved.

However... if you haven't got the Reset Password option set then - let me be blunt - a reinstallation is pretty much the only option. Hopefully either:

  • This was a recent installation, so there isn't much that will be overwritten. Or...
  • You have a very recent backup of the system, so not much work will be lost.

You'd probably want to take action fairly quickly because - even if the system is running - the longer you leave it, the more work you're going to lose.

That's Scary - How Can I Avoid That Situation?

Luckily, there are many options to set up to avoid this situation.

Turn On Reset Password

Firstly, as the Server administrator, you can turn on the Reset Password option. It's only one tiny click on a toggle, and then you need to enter a system email address, so there's not much work involved.

Why might you not do that? Well, there aren't many reasons. The only requirement is that every user must have a valid email address. Without that they can't receive a reset email. So if you can't guarantee that, then it's not that useful.

But it's a simple change and one that can save a lot of anguish and lost work.

Organize Your Accounts

Part of the problem, as described to me, is that the admin account is the only one with administrator privileges. Every other account only has the ability to run their own workspaces. So if you forget the admin account password, then you might not be able to even create automations or apps.

So, take the time to organize your accounts and identify senior users and administrators (plural)! You'll need at least one user with fmesuperuser privileges, in order to use the backup and restore tools. This role has access to all resources of FME Server, so you'll not want everyone to have it. However, to access the User Management page where you can change passwords, users only need the admin role or 'Manage' permissions explicitly set for the User Management item. So give that capability to multiple users so that if one admin password is lost, another admin/user can still access the web UI where they can update that admin password.

In short, you don't necessarily need to be limited to one admin account, and you can allow other useful functions to be carried out by lower-level roles.

Keep Backups

Speaking of backups, you'll want to keep these going on a regular basis. It's not going to help get back into a locked system, but it will help you if the worst happens and you have to reinstall everything from scratch.

One way to do this is to enable the schedule that runs backups automatically. Schedule a daily backup and at least you'll only lose a day's work at most.

Is FME Cloud Different to Plain FME Server?

Yes, FME Cloud is - slightly - different.

When you start an FME Cloud machine, you get provided the admin account password in a credentials file.

So download the credentials file and don't lose it! Why? Because it can only be downloaded once.

Note another difference is that the default password is not admin - it's more complex than that - so you won't get prompted to reset it the first time you log in.

Other than that, FME Cloud is the same as FME Server, and you should take the time to set up the proper accounts and to turn on Reset Password.

FAQ

Q) Is there a sneaky way back in?

A) Not that I know of! For example, you can't reset your password using the API.

Q) Can someone at Safe help me get back in?

A) Possibly. At the very least we can advise you on the best method to proceed should you really be locked out. So contact our support team if you are really, really stuck, and they'll do their best to help.

Other Notable Questions

  • Is there a way to get a computer back up and running if one disk on a raid pair fails?
    • I'm asking this because that's just what happened to me! That's why this is a fairly truncated question-of-the-week, with no other notable questions! Sorry. I hope to have the quiz up and running on Monday though (before you ask, yes everything is backed up as it should be, I'd just like to get the computer working properly)!
    • I don't really need to know answers, by the way. I just mentioned it to explain why I've been offline for a couple of days (a dump truck also took out the local internet - it's been quite the week)!

8 replies

Badge +8

Weird! I got the exact same problem a few days ago. We use Active Directory to connect into FME Server.

IT here decided last week to change something in the AD. Result: impossible to connect in.

I tried to find the admin password in my stuff. Maybe it was hiding somewhere, under the dust, who knows! Unfortunately, nothing.

Well, don't judge me plz, I haven't used it since the installation and I was a newbie back then...

Userlevel 5
Badge +25

Would you recommend creating a backup admin account right after the installation (with a different password of course)?

Userlevel 4
Badge +25

Would you recommend creating a backup admin account right after the installation (with a different password of course)?

I think that would be a wise move. Or elevate a trusted user. Or even use a "corporate password" that several people would know. The key point is to avoid having just one admin account with a password that is private and no way to get it back via email (if someone left unexpectedly, an IT department can usually get into their email account).

Userlevel 4
Badge +25

Weird! I got the exact same problem a few days ago. We use Active Directory to connect into FME Server.

IT here decided last week to change something in the AD. Result: impossible to connect in.

I tried to find the admin password in my stuff. Maybe it was hiding somewhere, under the dust, who knows! Unfortunately, nothing.

Well, don't judge me plz, I haven't used it since the installation and I was a newbie back then...

I think the second part (yes I deleted it) seems to be the accepted hack. But now there's the ability to retrieve (or reset) passwords via email, I imagine that method being prevented by an increased level of security.

Userlevel 4
Badge +25

Would you recommend creating a backup admin account right after the installation (with a different password of course)?

Maybe another way would be to create a backup admin account, with a unique email address (like emergency@myorg.com). Enter some random characters as a password and then forget them. Now you have an account that normally can't log in, but could get an email reset in case of emergency. You could even offer that to customers as an extra service; like keeping a spare key for your neighbour! If they get completely locked out, with no way to enter, you can help them to get back in. I don't know if that's good security practice, but it's a thought.

Userlevel 5
Badge +25

Maybe another way would be to create a backup admin account, with a unique email address (like emergency@myorg.com). Enter some random characters as a password and then forget them. Now you have an account that normally can't log in, but could get an email reset in case of emergency. You could even offer that to customers as an extra service; like keeping a spare key for your neighbour! If they get completely locked out, with no way to enter, you can help them to get back in. I don't know if that's good security practice, but it's a thought.

I've recently come across 2 customers where FME Server had initially been set up by somebody who then left the organisation before they could really start to use it. At least one of them did not actually document the admin account password (but fortunately it was still that default one and their replacement got that pretty much on the first try) so I think it would be wise to have at least one other account that can get admin access if necessary.

Badge +2

Old thread, but in case someone else comes across it like I did. I lost access to the admin account and all of our people users are domain accounts and that service was failing. The author account was still accessible though with its default password, so I assigned it the role of fmesuperuser through the db and was able to get back into FME Flow with elevated permissions and restore the admin account password and demote author.

Userlevel 5
Badge +25

Old thread, but in case someone else comes across it like I did. I lost access to the admin account and all of our people users are domain accounts and that service was failing. The author account was still accessible though with its default password, so I assigned it the role of fmesuperuser through the db and was able to get back into FME Flow with elevated permissions and restore the admin account password and demote author.

Good idea! I think we'll add “at least one account with admin rights that's not a domain account” to our list of recommendations.
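
The recommendations collected in this thread (more than one account that can reach User Management, at least one fmesuperuser, Reset Password backed by valid email addresses, and an admin account that is not a domain account) can be checked mechanically against an account inventory. The following is an added example, not part of the original posts and not Safe Software code; the inventory, its field names and the role labels `admin` and `author` are constructed for illustration and are not the FME Server API schema.

```python
import re

# Constructed inventory; field names are hypothetical, not the FME Server schema.
# "fmesuperuser" is the role named in the thread; "admin" and "author" are labels.
ACCOUNTS = [
    {"name": "admin", "roles": ["fmesuperuser"], "manage_users": False,
     "source": "local", "email": "", "enabled": True},
    {"name": "gis-lead", "roles": ["admin"], "manage_users": False,
     "source": "directory", "email": "gis-lead@example.org", "enabled": True},
    {"name": "jsmith", "roles": ["author"], "manage_users": False,
     "source": "directory", "email": "jsmith@example.org", "enabled": True},
]
ADMIN_ROLES = {"admin", "fmesuperuser"}
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")


def can_manage_users(acct):
    """Admin role, or explicit 'Manage' permission on User Management."""
    if not acct["enabled"]:
        return False
    return bool(ADMIN_ROLES & set(acct["roles"])) or acct["manage_users"]


def audit(accounts, reset_enabled):
    """Return finding codes for conditions that make an admin lockout unrecoverable."""
    findings = []
    managers = [a for a in accounts if can_manage_users(a)]
    if len(managers) < 2:
        findings.append("single-admin")      # one lost password locks everyone out
    if not any(a["source"] == "local" for a in managers):
        findings.append("no-local-admin")    # a directory outage removes all admins
    if not any(a["enabled"] and "fmesuperuser" in a["roles"] for a in accounts):
        findings.append("no-superuser")      # backup and restore tools unusable
    if not reset_enabled:
        findings.append("reset-disabled")    # no email recovery path at all
    else:
        # Reset only helps accounts that can actually receive the email.
        findings += [f"no-email:{a['name']}" for a in managers
                     if not EMAIL_RE.match(a["email"])]
    return findings


if __name__ == "__main__":
    for finding in audit(ACCOUNTS, reset_enabled=True):
        print("FINDING", finding)
```

An empty result means every recovery path described in the thread is in place; any finding is worth fixing while an administrator can still log in.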
