Tips, Tricks and More for IT System Administrators and Computer Users: Password Recovery Procedure for the MDS 9000 Series Multilayer Directors and Fabric Switches

This document describes the procedure to recover a lost administrator password from the console port of a Cisco MDS 9000 Series Switch.

You must perform the password recovery procedure on the Supervisor Engine module that will become the active Supervisor Engine module after completion of the recovery procedure. In order to ensure that the other Supervisor Engine module does not become the active module, perform one of these two options:

Physically remove the other Supervisor Engine module from the chassis.
Change the console prompt of the other Supervisor Engine module to one of these two prompts until you complete the procedure:
- loader>
- switch (boot)#
Note: Refer to the Cisco MDS 9000 Family of Multilayer Directors and Fabric Switches configuration guide for more information about these prompts.

Conventions

Refer to Cisco Technical Tips Conventions for more information on document conventions.

Step-by-Step Procedure

Perform these steps in order to recover a lost administrator password from the console port of a MDS 9000 switch:

Perform these steps in order to establish a console session to the MDS 9000 switch:
1. Connect one of the supplied RJ-45-to-DB-9 adapters to the PC serial (COM) port.
2. Connect the other end of the supplied RJ-45-to-DB-9 adapter to the RS-232 management port on the MDS 9000 switch.
  Note: The RS-232 management port is labeled CONSOLE.
3. Launch HyperTerminal on the PC.
  Terminal emulation software enables communication between the storage router and your PC during setup and configuration. The terminal emulation software is frequently a PC application such as HyperTerminal or ProComm Plus.
4. Choose these settings:
  - Bits per second: 9600
  - Data bits: 8
  - Parity: None
  - Stop bits: 1
  - Flow control: None
  Note: You can set the Bits per second field to 38400 if this configuration connects to an MDS 9500.
Reboot the switch in one of these ways:
- Issue the reload command if there is a Telnet session with administrator rights.
```
switch#reload

The supervisor is going down for reboot NOW!
```
- If the command is not available, power reset the switch.
When the switch begins its SAN-OS software boot sequence, hold the Ctrl key and press the ] key to generate the Ctrl-] key sequence.
This key sequence brings up the switch(boot)# prompt.
```
Ctrl-]

switch(boot)#
```
Note: If you use different terminal emulation software, the break key sequence can differ. Refer to Standard Break Key Sequence Combinations During Password Recovery for commonly used break key sequences.
Note the bin image file name that is displayed on the screen after the "Booting kickstart image" message while the device is booting.
Change to configuration mode.
```
switchboot#configure terminal
```
Issue the admin-password command in order to reset the administrator password.
In this example, the password is set to “password”.
```
switch(boot-config)#admin-password password
```
Exit to the EXEC mode.
```
switch(boot-config)#exit

switchboot#
```
Issue the load command in order to load the SAN-OS software image. This is the image name that was noted as part of step 3.
In this example, san-ios.img is the name of the software. Most likely, the format looks like m9500-sf1ek9-mz-2.1.2b.bin.
```
switch(boot)#load bootflash:san-ios.img
```
Save the software configuration.
```
switch#copy running-config startup-config
```
Note: The next time that you try to connect to the console port of the MDS 9000 switch, you must enter either the new administrator password or the monitor password that you created.
Insert the Supervisor Engine that you previously removed, log in, and verify the changed password.