Sunday, September 3, 2017

Get root access on Citrix XenMobile appliance 10.6.xx

After your Citrix XenMobile virtual appliance is up and running, you can login as "admin" with password configured.



However, a system menu always appears like above screen . You may ask, is there possible to login the system shell ?  i.e. /bin/bash

I will show you how to get root access without asking Citrix Support. This is an unofficial way.

Disclaimer:  I will not be responsible for any damage to your production system

Requirement :

  1. downloaded XenMobile appliance for vSphere  i.e. ova file
  2. some Linux knowledge
  3. a Linux KVM server  (Ubuntu KVM used in this example)
  4. ovftool 
Let's go.

At first, extract the vmdk file from the ova file download by ovftool



Convert the vmdk file to qcow2 format


Transfer this qcow2 file to Linux KVM server  and create a KVM virtual machine to boot it.

For XenMobile 10.6.xx, create a KVM virtual machine using following:


Disk Type = SATA


Network card Type = e1000


You can now boot it normally as if it run on vSphere or XenServer

Follow the initial configuration step at http://docs.citrix.com/en-us/xenmobile/server/install-configure.html



Now , you can login as "admin"  like following:


At this time, shutdown XenMobile virtual appliance

Log on your Linux KVM server as someone with root access. User "root" is used here.

load nbd mobule


locate the qcow2 disk file and connect it using qemu-nbd as a block device


Check the system partition location using fdisk


Mount the system partition i.e. nbd1p3



Modify the the shadow file (i.e. /etc/shadow) to allow root login and save file


umount the nbd1p3 device and disconnect /dev/nbd1



Boot the XenMobile virtual appliance again.

You can login as root properly


Type "passwd" here to set root password if needed. It is highly recommended. 

If you need to access the admin menu , type /opt/sas/sw/bin/console.sh

OR type "su - admin"


Exit by Ctrl + C

The management console web page is same as default i.e. https://FQDN:4443

With root access. you can investigate anything you need inside the appliance.


















1 comment:

  1. Bravo. Wouldn't it also be possible, and perhaps easier, to use the boot prompt when the VM starts (even if vSphere) to put the VM in single user mode and then edit the same shadow file to enable root? This was a method I used in the past.

    ReplyDelete