Restoring configuration on Fortigate usually brings back all settings from the backup, including user accounts. However, sometimes after restoring, the administrator account disappears and only a normal user account remains. This limits your ability to configure the device further.

Common Causes

  • The backup file does not include the admin account (e.g., partial backup or backup made after admin account deletion).

  • Errors during the restore process causing the admin account to be unreadable.

  • Firmware version mismatch between backup and current Fortigate device causing incompatibility.

Impact

  • Unable to log in with an admin account with full privileges.

  • Limited access through normal user account, preventing important configuration changes.

  • Security risks and impaired device management.

 

Solutions to Recover Missing Admin Account After Restore

 

1. Login with Normal User and Reset Admin Password (If Possible)

  • If the normal user has permission to change admin passwords, reset the admin password via CLI or GUI.

2. Use Console Access

  • Connect to Fortigate via console cable (serial).

  • Log in using the normal user account.

  • Use CLI to enter admin configuration mode:

    config system admin edit admin set password set accprofile super_admin next end

  • If the admin account is missing, create a new admin account as shown above.

3. Factory Reset and Restore Again

  • If privileged CLI access is not possible, perform a factory reset on Fortigate.

  • Log in with the default admin account.

  • Carefully restore the backup configuration, ensuring the backup file is complete and compatible.

4. Update Fortigate Firmware

  • Ensure the Fortigate firmware matches the version when the backup was created to maintain compatibility.

  • After updating firmware, retry the restore process.

5.  Edit the backup configuration results from Fortigate

  • Open the config file using the visual studio code
  • search or scroll the section in that section if the config system admin does not exist, then open the previous backup file and the backup file from the forti reset after that in the config system admin section from the backup reset, copy and then paste after the word "end" anywhere into the backup config that does not have an admin account.
  • Restore the edited config results to the fortigatenya firewall device 
    config system admin
edit admin
set password 
set accprofile super_admin
next
end