Back to Community Threads
I can't login as system administrator. Only as domains adminitrator
Problem reported by Juan Antonio Tubio Capel - 3/5/2024 at 10:50 AM
Submitted
J
Hello. I'm having this problem for a long time ago. But as I had this problem only on one computer and not on the other one that I have been using for administration, I didn't care much about this problem. But now I have the same problem on both computers.

I go to webmail login page and if I login with user@domain.com or user, I only can see the administration page for domain.com. I have the same user as administrator on most of my domains.

This is the url I'm send after login: webmail/interface/root#/settings/domain/domain-general-settings (for domain.com)

I checked my history and saw this url for system admin:
webmail/interface/root#/sysadmin/manage

So, I go to login, put only user (not user@domain.com), I'm redirected to webmail/interface/root#/settings/domain/domain-general-settings and then I change url on the browser and try to go there: webmail/interface/root#/sysadmin/manage
And I get an error message: "User does not have rights to perform this action". Or sometimes I get a blank page.

So, my question is: Please, ¿How can I login as a system administrator? 

Thank you!
Patrick Jeski Replied
3/5/2024 at 2:21 PM
I find I can only login as system admin if I click “remember me”. 
J
Juan Antonio Tubio Capel Replied
3/5/2024 at 2:36 PM
Thank you. I tried but not worked for me.
J
Juan Antonio Tubio Capel Replied
3/10/2024 at 2:02 PM
Please, no one can help me?
Zach Sylvester Replied
3/12/2024 at 4:46 PM
Employee Post
Hey Juan, 

It sounds like your domain admin and your system admin have the same username and password. To resolve this you can do the following. 

  1. Stop the SmarterMail service. 
  2. Go to C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Settings
  3. Edit the administrators.json file
  4. Modify the username of the admin user and save the changes. 
  5. Start the SmarterMail service.
Let me know if this helps. 

Thanks, 
Zach Sylvester Software Developer SmarterTools Inc. www.smartertools.com
YS Tech Replied
1/22/2026 at 3:31 AM
I have just started to get this today build 9504.
Was perfectly fine until i came to login this morning.
I've looked for an administrators.json file but can't find one, has this changed. How do I get in now?
David Bartholomew Replied
1/22/2026 at 9:02 AM
I am experiencing the same thing today for the first time.  No Admin login. 

DevTools Console:

XHRPOST
localhost/api/v1/auth/authenticate-user
[HTTP/1.1 401 Unauthorized 16ms]

DoLogout Called: Source: interceptor (responseError) Error: true FailedUsername: undefined site-v-638611916940000000.js:8:4434

If it helps.
<edit>Also running build 9504 at the moment on this server.
J
J. LaDow Replied
1/22/2026 at 9:08 AM
You both might want to check your logs for stuff like this:

10:23:23.816 [212.102.51.5] User @ successfully force-reset-password
10:24:11.561 [2001:41d0:403:5e7c::] User @ successfully force-reset-password
MailEnable survivor / convert --
David Bartholomew Replied
1/22/2026 at 9:41 AM
Yep, I see several times int he log -- but how can we recover from this?
T
Tan Replied
1/22/2026 at 9:51 AM
Did you lost admin login? Windows or Linux? Can you see your administrators.json file. Is your username stated there?

DO NOT share your adminstrators.json in public ya
M
Micah Robichaux Replied
1/23/2026 at 2:25 PM
So, after a bunch of frustration today, I finally came across this and was able to reset the password via the administrators.json file with the help of the KB article about resetting the hash. I got logged back in, but now I can't seem to get it to let me reset my password to anything other then the hashed "admin" password. Every time I try, using "admin" as the "old" password in the form (since that's what it's been reset to now), it just throws a popup saying "Incorrect Passsword". 

I updated to the latest version to see if that made a difference, but still no dice. I would really like to not have my system administrator password be "admin" for all eternity.
D
David Feuer Replied
1/23/2026 at 2:44 PM
Short term I would add 2fa and IP restrictions then figure it out. Just to be safe. 
M
Micah Robichaux Replied
1/23/2026 at 10:17 PM
I do have those configured already, so all good there.

Was just hoping maybe someone had something else I could try for getting the password reset to something more secure.
Stefano Replied
1/24/2026 at 2:20 PM
@Micah
Create a new secondary admin, stop SM service, edit administrators.json making your secondary admin as the primary one (there is a setting inside the json file, just cut and paste inside the new admin), restart SM service and login as the new admin 
Then you can delete the old "admin" from the web interface 😉
YS Tech Replied
1/26/2026 at 4:37 AM
Stefano, that's exactly what i had to do. Check for any extra admin logins that may have been created as well!
Andrew Barker Replied
1/26/2026 at 7:21 AM
Employee Post
The issue with changing the admin's password was mentioned in the thread linked below. Based on conversation there, it sounds like there is a bug preventing sys admin's from changing their passwords if 2FA is enabled. I've added a task to our development queue to look into it.
Andrew Barker Lead Software Developer SmarterTools Inc. www.smartertools.com
YS Tech Replied
1/26/2026 at 8:09 AM
Hi, I've had this happen twice in the last week (not been able to login as admin)
Having to go into the administrators.json file to change the hash to my password.
I'm getting a bit concerned that either someone has hacked it or that the software is corrupting this file.
Looking at my logs (a script I wrote to monitor what's going on), it looks like it creates the file every minute and archives it also:


Could it be getting corrupted, or am I being hacked?

I also can't view the diagnostics page; it says:

You don't have authorisation to view this page.

HTTP ERROR 403

I do use 2FA for my admin login.

I'm on build 9511

Also lots of these in my logs:
[2026.01.26] 08:13:15.475 [172.71.190.82] User @ successfully force-reset-password
[2026.01.26] 11:32:30.134 [172.71.124.23] User @ successfully force-reset-password
[2026.01.26] 11:40:18.520 [157.245.156.118] User @ successfully force-reset-password
[2026.01.26] 11:40:28.393 [162.158.163.243] User @ successfully force-reset-password
[2026.01.26] 11:42:07.030 [178.128.103.218] User @ successfully force-reset-password
[2026.01.26] 11:49:32.112 [172.71.166.251] User @ successfully force-reset-password
[2026.01.26] 11:51:11.658 [162.159.106.47] User @ successfully force-reset-password
[2026.01.26] 11:52:51.203 [172.70.94.93] User @ successfully force-reset-password
[2026.01.26] 11:53:32.471 [172.71.167.42] User @ successfully force-reset-password
[2026.01.26] 11:55:01.810 [172.68.26.76] User @ successfully force-reset-password
[2026.01.26] 11:59:13.364 [162.158.175.105] User @ successfully force-reset-password
[2026.01.26] 12:00:48.043 [162.159.106.3] User @ successfully force-reset-password
[2026.01.26] 12:00:54.176 [198.41.227.178] User @ successfully force-reset-password

Thanks
JerseyConnect Team Replied
1/26/2026 at 1:27 PM
Sounds like your admin password is getting reset by bad actors. 2FA is probably saving you here. Also if you're using the default admin username, change it to something else. That should also stop bad actors from using the exploit since they won't know the username anymore. Regardless you should upgrade to 9518.
Back to Community Threads

Reply to Thread

Enter the verification text
Related Knowledge Base Articles
Upgrading SmarterMail (Domain Conversion)SmarterMail > Installation and Configuration
Reset Administrator Username and PasswordSmarterMail > Installation and Configuration
Reset Administrator Username and Password ( Linux )SmarterMail > Installation and Configuration
Customizing SmarterMail's Webmail InterfaceSmarterMail > Installation and Configuration
Key Feature and Version Milestones in SmarterMailSmarterMail