Sunday, September 15, 2024

Creating a new user in a locked out Ubiquiti UniFi Controller

I had a scenario recently where my Ubiquiti Cloud Key was not working properly. I could sign into the Cloud Key itself on the local IP with the default credential of ubnt/ubnt. However, I could not sign into the UniFi controller, which uses an email and password. I did have an email with an account, but the UniFi Controller never sent me a password reset when I clicked on "Forgot my Password". So, I was basically locked out. Thankfully, there is still a way in. I had a Gen 1 Cloud Key (no Bluetooth) on version 1.1.19 and the UniFi Controller was on version 7.2.97.


Thankfully, the SSH credentials had not been changed. If yours have been changed from the defaults (ubnt/ubnt, root/ubnt or root/password), then you will need to reset the Cloud Key before this method will work.


Someone out there smarter than me (HostiFi, whose support-tools repository the file lives in) has written a Python script that creates a new Super Admin directly in the controller's database. Use wget to download the file from GitHub:


wget https://raw.githubusercontent.com/HostiFi/support-tools/main/lib/unifi/py/create-super-admin.py 



In case this file has been lost, here is a copy in this article:



import argparse
import crypt
import logging
import string
from datetime import datetime
from random import SystemRandom

import pymongo

parser = argparse.ArgumentParser()
parser.add_argument('-u', '--username', help='UniFi username to create', required=True)
parser.add_argument('-p', '--password', help='UniFi password to create (random if omitted)')
parser.add_argument('-e', '--email', help='UniFi email to create', required=True)
parser.add_argument('-r', '--read-only', action='store_true',
                    help='If set, a read-only admin is created instead of a Super Admin')
args = parser.parse_args()

# Make the progress messages visible; logging is silent at the default WARNING level.
logging.basicConfig(level=logging.INFO, format='%(message)s')

# Use the OS CSPRNG (SystemRandom) for both the generated password and the hash salt.
# The original copy defined randchoice but then built the password with the
# non-cryptographic random.choice; that is fixed here.
randchoice = SystemRandom().choice
password = ''.join(randchoice(string.ascii_letters + string.digits) for _ in range(16))

def sha512_crypt(password):
    # UniFi stores the password in the admin document's x_shadow field as a
    # SHA-512 crypt(3) hash ("$6$salt$hash"), the same format as /etc/shadow.
    salt = ''.join(randchoice(string.ascii_letters + string.digits) for _ in range(8))
    return crypt.crypt(password, '$6$' + salt)

def create_super_admin(password):
    logging.info("Creating UniFi Super Admin")
    logging.info("Connecting to MongoDB...")
    # The controller's embedded MongoDB listens on 127.0.0.1:27117 with no authentication,
    # which is why a shell on the Cloud Key is enough to add an admin.
    client = pymongo.MongoClient("mongodb://127.0.0.1:27117/ace")
    mdb = client.ace
    logging.info("Inserting Admin...")
    new_admin_id = mdb.admin.insert_one({
        "email": args.email,
        "last_site_name": "default",
        "name": args.username,
        "x_shadow": sha512_crypt(password),
        "time_created": int(datetime.utcnow().timestamp()),
    }).inserted_id

    # Privileges are one document per (admin, site). A read-only admin gets the
    # readonly role on every ordinary site; a Super Admin gets the admin role on
    # every site, including the special "super" site.
    site_filter = {"key": {"$ne": "super"}}
    if args.read_only:
        logging.info("Promoting Admin to Read-Only Admin...")
        role = "readonly"
    else:
        logging.info("Promoting Admin to Super Admin...")
        role = "admin"
        site_filter = {}

    # Projection [] returns only _id for each matching site.
    site_ids = [site["_id"] for site in mdb.site.find(site_filter, [])]
    if site_ids:
        mdb.privilege.insert_many(
            {
                "admin_id": str(new_admin_id),
                "site_id": str(site_id),
                "role": role,
                "permissions": [],
            } for site_id in site_ids
        )

    print("UniFi admin created")
    print("Username: " + args.username)
    print("Password: " + password)

if __name__ == "__main__":
    create_super_admin(args.password or password)
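The script works because the controller's MongoDB on 127.0.0.1:27117 accepts writes from anyone with a shell on the Cloud Key, so the same trick is available to an attacker who finds the default SSH password. The following is an added example, not part of the original post or of HostiFi's tool: it audits the admin, site and privilege collections the way you would after regaining access, listing each admin's role per site, flagging every Super Admin, and flagging admins created after a chosen timestamp. The document shapes follow the script above; the sample documents and the name load_from_controller are constructed for illustration.

```python
# Constructed sample documents mirroring the shapes the create-super-admin
# script writes. _id values are plain strings here; the real collections hold
# bson ObjectIds in _id and their str() form in privilege.admin_id / site_id,
# which is why everything is compared as str() below.
SAMPLE_ADMINS = [
    {"_id": "a1", "name": "alice", "email": "alice@example.com",
     "time_created": 1700000000, "x_shadow": "$6$abcdefgh$..."},
    {"_id": "a2", "name": "recovery", "email": "me@example.com",
     "time_created": 1726400000, "x_shadow": "$6$ijklmnop$..."},
    {"_id": "a3", "name": "helpdesk", "email": "help@example.com",
     "time_created": 1700000100, "x_shadow": "$6$qrstuvwx$..."},
]
SAMPLE_SITES = [
    {"_id": "s0", "key": "super", "name": "super"},
    {"_id": "s1", "key": "default", "name": "default", "desc": "Main office"},
]
SAMPLE_PRIVILEGES = [
    {"admin_id": "a1", "site_id": "s0", "role": "admin", "permissions": []},
    {"admin_id": "a1", "site_id": "s1", "role": "admin", "permissions": []},
    {"admin_id": "a2", "site_id": "s0", "role": "admin", "permissions": []},
    {"admin_id": "a2", "site_id": "s1", "role": "admin", "permissions": []},
    {"admin_id": "a3", "site_id": "s1", "role": "readonly", "permissions": []},
]


def roles_by_admin(admins, sites, privileges):
    """Join the three collections into {admin name: {site key: role}}."""
    site_key = {str(s["_id"]): s["key"] for s in sites}
    admin_name = {str(a["_id"]): a["name"] for a in admins}
    result = {name: {} for name in admin_name.values()}
    for p in privileges:
        name = admin_name.get(str(p["admin_id"]))
        key = site_key.get(str(p["site_id"]))
        if name is None or key is None:
            continue  # orphaned privilege row (admin or site deleted); skip it
        result[name][key] = p["role"]
    return result


def super_admins(admins, sites, privileges):
    """Names of admins holding the admin role on the special "super" site."""
    return sorted(
        name for name, roles in roles_by_admin(admins, sites, privileges).items()
        if roles.get("super") == "admin"
    )


def admins_created_after(admins, since):
    """Admins whose time_created is later than `since` (epoch int or aware datetime)."""
    cutoff = int(since.timestamp()) if hasattr(since, "timestamp") else int(since)
    return sorted(a["name"] for a in admins if a.get("time_created", 0) > cutoff)


def load_from_controller(uri="mongodb://127.0.0.1:27117/ace"):
    """Fetch the live collections from a Cloud Key (hypothetical helper; needs pymongo)."""
    import pymongo
    mdb = pymongo.MongoClient(uri).ace
    return list(mdb.admin.find()), list(mdb.site.find()), list(mdb.privilege.find())


if __name__ == "__main__":
    # Swap in load_from_controller() when running on the Cloud Key itself.
    admins, sites, privs = SAMPLE_ADMINS, SAMPLE_SITES, SAMPLE_PRIVILEGES
    for name, roles in roles_by_admin(admins, sites, privs).items():
        print(name, roles)
    print("Super Admins:", super_admins(admins, sites, privs))
    # 1725148800 is 2024-09-01 00:00:00 UTC; anything newer deserves a second look.
    print("Created since 2024-09-01:", admins_created_after(admins, 1725148800))
```

Run it on the Cloud Key with the live collections once you are back in: every name in the Super Admins list should be one you recognise, and the temporary account you created with the script should be deleted or demoted when you no longer need it.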

This script has some dependencies. First make sure Python 3 is installed on the Cloud Key. If it is not, run the following command:


apt-get install python3

Once Python 3 is installed, you need pip, the Python package manager. Download get-pip.py (it is published at https://bootstrap.pypa.io/get-pip.py) and run it with the following command. This will also install wheel and setuptools:


python3 get-pip.py




Lastly, you will need PyMongo, which lets Python talk to the database that holds the Ubiquiti user accounts. I had trouble using the latest version of PyMongo, and specifically installed version 3.4.0, with which the script executed successfully.

sudo python3 -m pip install pymongo==3.4.0

Finally we have all our dependencies and can run the create-super-admin.py script. Use the flag -u for the username, -e for the email, and -p for the password (if you omit -p, the script generates a random password and prints it). Add -r if you want a read-only admin instead of a Super Admin.

python3 create-super-admin.py -u username -p password -e email@gmail.com




This skips the email verification step and leaves you with a new Super Admin that you can use to log into the controller. Once you are back in, change the Cloud Key's SSH password: the unauthenticated database write that rescued you here is available to anyone who can reach SSH with the default credentials. Hope this helps.