Have you ever been locked out of DualShield Management Console? Don't panic. The account will be automatically unlocked in 3 minutes, if you have not changed the default Lockout system policy. That means that you can try again in 3 minutes, assuming that you still remember the correct password.

However, what if you have totally forgotten the password? Don't worry, the feature called "safe mode" comes to rescue!

Open Windows Command Prompt, change to: C:\Program Files\Deepnet DualShield\tomcat\bin folder, then execute one of the following command depending on the version

tomcat6w.exe //ES//dualshield 


tomcat8w.exe //ES//dualshield

You will see a dialog style application "DualShield Authentication Server Properties"


Navigate to the tab Java add -Ddual.safe.mode=true in Java Options , click Apply or OK button, then restart DualShield service.

Now, you can log into the Management Console without password. Please note that, in safe mode, you must access the management console from the local machine.


Linux Users

If you have DualShield Linux version installed, you should edit the file "/etc/init.d/dualshield" to achieve the same effect as in Windows, add the following line

-Ddual.safe.mode=true \

just after -Djava.io.tmpdir=$TMP_DIR \, see the image below.


You must restart the service after the modification.

Note: In some system, like Linux console only (no GUI), which means you have to access DMC remotely, then add another parameter, -Ddual.safe.mode.anyip=true

Important: Once you have reset the sa password, make sure you disable the safe mode by removing the line -Ddual.safe.mode=true and restarting the DualShield service, otherwise you will leave a potential security hole.