SonicWall Credentials Reset Tool (Python – For Advanced Users)

Description

The SonicWall Reset Credentials tool is a comprehensive Python application designed to help administrators identify and prioritize credential-related security tasks. It highlights areas that require attention, but does not perform automatic remediation of identified issues. 

In addition to the primary purpose of credential-related security auditing, the option to perform automated password and TOTP resets for local user accounts only has been included to assist with the recommended remediation step for local user accounts detailed here: Essential Credential Reset. 

💡Note: To use this tool, you’ll need Python installed and should be comfortable running simple Python commands. 

What This Tool DOES  

  1. Analyzes configurations - 30+ security checks based on SonicWall’s “Remediation Playbook” and “Essential Credential Reset” guidelines 

  1. Provides detailed reports - Console tables + markdown 

  1. Downloads diagnostics - TSR, logs, settings 

  1. Manages local user passwords - Force resets, temp passwords 

  1. Removes TOTP bindings - When explicitly enabled 

  1. Batch processing - CSV-based multi-firewall support 

  1. Severity filtering - Critical/High/Medium/Low 

  1. Auto-API enabling - Temporary SSH-based activation 

What This Tool DOES NOT DO 

  1. ❌ Automatically change server passwords/shared secrets 

  1. ❌ Modify VPN policies/certificates 

  1. ❌ Update third-party service credentials 

  1. ❌ Make config changes without explicit consent 

  1. ❌ Store/transmit credentials beyond the scope of the current execution, input CSV, and local markdown report 

Credential-related configuration areas audited:

  • Authentication servers and agents - LDAP, RADIUS, TACACS, SSO Agents, TS Agents, and 3rd Party API Clients
  • VPN Policies - IPSec
  • Network Services - Dynamic DNS, NAC, NTP, PPPoE/PPTP/L2TP, Security Services Proxy
  • Wireless - Local AP profiles, Guest Services, Local RADIUS Server
  • Infrastructure - Extended Switches and Advanced Routing Protocols
  • Reporting, Monitoring, and Management - SNMPv3, Email Log Automation, Packet Monitor FTP, TSR/EXP Scheduled Exports
  • Cloud Integrations - AWS API and Cloud Secure Edge
  • Local User Management - Local Users & TOTP 

Resolution

Tool Location – GitHub:

NOTE: This tool is provided "as-is" and falls outside the scope of official SonicWall technical support services.

Related Articles

  • SonicOS 8.1.0 FAQ
    Read More
  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • Getting started with SonicWall firewalls
    Read More

Categories

Firewalls
NSa Series
Firewalls
SonicWall NSA Series
Firewalls
TZ Series
not finding your answers?
Ask the Community