How to Delete a Default Admin Account?

How to Delete a Default Admin Account?

46972
Created On 04/05/19 03:05 AM - Last Modified 05/11/22 03:15 AM


Objective


It is a good practice to delete the default admin account from the system to protect against brute-force attacks.
 

Environment


  • Palo Alto Firewalls or Panorama,
  • Supported PAN-OS versions.

Procedure


Step 1: Login to the firewall using the admin account and create a new superuser administrator account from GUI: Device > Administrators and commit the configuration.
Note: For Panorama, use GUI: Panorama > Administrators. The figure below is of Firewall

User-added image

Step 2: Logout and log back in using the new superuser account you just created.

Step 3: Delete the default admin account followed by commit.

User-added image
 

Additional Information


CLI procedure is documented below 
admin@Panorama> configure
admin@Panorama# set mgt-config users <username> permissions role-based superuser yes => new admin user
admin@Panorama# set mgt-config users <username> password  => set password
Enter password   :
Confirm password :
admin@Panorama# commit   => After commit, login to Panorama/Firewall and login with the new admin user. 
admin@Panorama# delete mgt-config users admin
admin@Panorama# commit 
admin@Panorama# exit

Note: Do not delete the admin user without verifying the working of newly created admin user.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PLPACA4&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language