Changing admin password with XML HT802

tobbe · 2023-01-05 11:33:38 UTC

Hello!

We use the HT802 for customers, and we have a provisioning system which generate XML files for configuration. Our problem is that the admin password, and the user password too, are not updated to reflect what is in the file. It instead keeps the default passwords.

We use <P2>PASS</P2> and <P196>PASS</P196>, which seems correct to me. But it is not applied, even though all (as far as I have checked) other settings are applied as they should.

The box downloads the settings via HTTPS, but we have tried to upload a file directly to the box, but with the same result.

I am pretty sure that this worked when we initially developed support for these boxes in our provisioning system. So it seems that this have occurred some time after that, but that is a couple of years now, we initially used the HT701.

Do you have any insight in why this happens? We would like to solve this urgently, as having boxes with default password deployed is quite bad.

If more information is needed, please ask and I will do my best to provide it.

Thanks in advance!

Best Regards,
Torbjörn Abrahamsson

damiano70 · 2023-01-05 11:46:37 UTC

attention that the policy of the new HT8XX fw provides for a more “complex” pswd,
probably what you enter does not comply with the requests,
enter the HT8XX manually via the web and when asked to change pswd try to change it with one that is accepted, you can then use that as an example to insert in P2

tobbe · 2023-01-05 11:59:54 UTC

Ah, I see. I will try it out. Hopefully this is the solution. Sounds resonable at least.

Thank you!

damiano70 · 2023-01-05 12:03:35 UTC

should you still have doubts or problems, open a ticket:

tobbe · 2023-01-05 13:11:40 UTC

Unfortunately this was not the problem, our password was accepted by the webpages. I tried with other valid passwords in the file, but still no success.

I will file a ticket with the helpdesk.

Thank you for your help!

damiano70 · 2023-01-05 13:13:50 UTC

strange, for me the insertion of the P2 works correctly,
if you want PM me a screen showing P2 (put a fancy pswd)

tobbe · 2023-01-05 13:14:56 UTC

A screenshot of the file? Or what do you mean?

damiano70 · 2023-01-05 13:15:50 UTC

yes
in PM

tobbe · 2023-01-05 13:24:01 UTC

Glad to, but I do not see a way to send a PM. How do I do that? I may be missing something obvious.

damiano70 · 2023-01-05 13:25:55 UTC

click on my icon, then on the Message button

tobbe · 2023-01-05 13:28:17 UTC

No message button, I’m afraid. Could it be that I’m a newly registered user, and as such is not allowed to PM?

damiano70 · 2023-01-05 13:33:24 UTC

else I don’t know what to tell you, maybe new users don’t have the possibility to send mmsg,
rather put here the screen I asked you (without sensitive data and with fancy P2 pswd)

tobbe · 2023-01-05 13:40:48 UTC

Seems likely new users cannot start PMs then.

Here is the file contents, no sensitive data:

damiano70 · 2023-01-05 13:49:18 UTC

at the top of the file there should be a string like the one below, of course you have to enter the correct MAC -> 000B829ER8BD
the filename should be renamed like this -> cfg000B829ER8BD_enc.xml
(MAC to be entered correctly)
the new FW allows HT to accept any file or just .xml
look at this changleog -> https://firmware.grandstream.com/BETA/Release_Note_HT813_1.0.15.7.pdf
make sure you have the updated HT FW, it works fine for me
be careful that if you export the xml file from HT, probably for safety, PSWD and sensitive data are not exported

Good job

tobbe · 2023-01-05 14:01:47 UTC

But the provisioning docs says that the mac is not mandatory. So I left it out, and all other things I add to the file is accepted.

Should I add it like this?

I have tried to upgrade the FW, I use 1.0.35.4. I got some weird error about the file being too large when trying to upload the 1.0.43.11. It says:

HTTP/1.0 500 Server Error Content-Type: text/html CGI Error
Attempted to send content larger than allowed limits.

Edit: Managed to upgrade the box, but still no luck with the passwords.

Witold · 2023-01-05 18:03:39 UTC

Password must have 8-30 characters, at least 1 number, 1 uppercase and lowercase character, and 1 special character.

I think you are missing a special character in your password, and this this is way it is rejected.

damiano70 · 2023-01-06 10:14:13 UTC

https://documentation.grandstream.com/knowledge-base/xml-configuration-file-generator-user-guide/

https://documentation.grandstream.com/knowledge-base/sip-device-provisioning-guide/

https://content.grandstream.com/hubfs/Grandstream_Feb_2021/Zip%20File/windows_xml_configuration_file_generator_v4.1.zip

tobbe · 2023-01-06 11:18:01 UTC

Thanks, I will try it out, though the admin web page of the HT802 says:

And if I try to set the password using the admin web, it actually accepts the password.

Edit: Did not work, unfortunately, after adding a special character. But the same password was accepted by the admin GUI, so it seems the password should be valid.

Thanks for your suggestion, anyway! I’m grateful for your work.

tobbe · 2023-01-06 11:26:36 UTC

Thanks, I will read the provided links. Not sure which of them I’ve read already, but hopefully I will see my mistakes.

damiano70 · 2023-01-06 11:37:29 UTC

There is a tool to create the xml file in the links above