Aruba Networks, Management

Factory reset Mobility Controller managed by Mobility Master

René Jorissen on December 27, 2017 0 Comments • Tags: #arubaos8 #factoryreset #localconfigenable #mobilitycontroller

With the introduction of ArubaOS 8, HPE Aruba Networks introduced the Mobility Master appliance. A Mobility Master appliance takes care of all the control-plane features within your deployment. A Mobility Master provides better user experience, flexible deployment, simplified operations and enhanced performance. Mobility Controllers are added to the Mobility Master as regular controllers and all configuration for the Mobility Controllers is done on the Mobility Master console to provide centralized management.

The question arises: is it as easy as it was to factory reset a Mobility Controller managed by a Mobility Master?

The answer: yes it is, but you need to take one extra step!!

I took a Mobility Controller from the shelve and wanted it to be configured as a standalone controller with ArubaOS 8. The controller was running 6.5 code, but the backup partition already contained an 8.0 code image and was previously managed by a Mobility Master during a workshop. I upgraded the 8.0 code image to the latest 8.2 code image and booted the controller from that partition.

I tried to log in with the credentials from the 6.5 code, but that wasn’t working anymore and I had no clue with credentials were used during the 8.0 workshop. So I started with the default password recovery which is very simple and straightforward. Connect to the console with username “password” and password “forgetme!“. Normally you would configure a new management user and “write erase” the configuration, but this is by default not possible in this scenario. Once you enter “config terminal” you receive the following message.

(controller) *#configure t
This controller is managed by a Mobility Master.
Configuration changes can only be performed on the Mobility Master.

Okay, so maybe I can do a “write erase” directly….

(controller) *#write erase
All the configuration will be deleted and the controller will be reloaded. Press ‘y’ to proceed : [y/n]: y
You do not have permission to execute this command

No, so what’s next? The clue is the command “local-config enable

(controller) *#local-config enable
Warning: ‘local-configure enable’ should only be used for debugging. This will disableAuto-Rollback feature. Please use the command ‘local-configure disable’ after you are done.
Configuration Mode Is Enabled.

Now you have the option to enter “config terminal” and add a new management user, log in with the new user and “write erase” the configuration. Next I rebooted the controller and started with a fresh, factory default controller with ArubaOS 8 software.

(controller) *#configure t
Enter Configuration commands, one per line. End with CNTL/Z

(controller) *(config) #mgmt-user admin root
Password:************
Re-Type Password:************
(controller) ^*(config) #end
(controller) ^*#write mem

Saving Configuration…

Partial configuration for /mm/mynode
————————————
Contents of : /flash/ccm/partial/0/p=sc=mynode.cfg
mgmt-user admin root d442d5b0011f409d930efc3f1a4409d5abb80c1a47e5247626
Configuration Saved.
(controller) *#exit

User: admin
Password:
(controller) *#write erase
All the configuration will be deleted and the controller will be reloaded. Press ‘y’ to proceed : [y/n]: y
Write Erase successful

System will now restart!

The following two tabs change content below.

René Jorissen

Co-owner and Solution Specialist at 4IP Solutions
René Jorissen works as Solution Specialist for 4IP in the Netherlands. Network Infrastructures are the primary focus. René works with equipment of multiple vendors, like Cisco, Aruba Networks, FortiNet, HP Networking, Juniper Networks, RSA SecurID, AeroHive, Microsoft and many more. René is Aruba Certified Edge Expert (ACEX #26), Aruba Certified Mobility Expert (ACMX #438), Aruba Certified ClearPass Expert (ACCX #725), Aruba Certified Design Expert (ACDX #760), CCNP R&S, FCNSP and Certified Ethical Hacker (CEF) certified. You can follow René on Twitter and LinkedIn.

Latest posts by René Jorissen (see all)

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.