Menu

Virtual Geek

Tales from real IT system administrators world and non-production environment

How to reset vCenter Server SSO administrator@vsphere.local password

Whenever I get a already configured VMware vSphere projects handover to optimization and modernization, Sometimes I received infrastructure vCenter server with forgotten passwords either root or administrator@vsphere.local. In my earlier blog I have already shows a procedure to Resetting root password in VMware vCenter Server Appliance, here I will be resetting a password of forgotten vCenter Server SSO user administrator@vsphere.local. To start procedure on VCSA version 6.x or 7 login to it using ssh tools or puTTY. Type Shell command to access BASH and configuration.

vmware vsphere vcenter server vcsa putty ssh openssh esxi banner bash shell plugins api root granted reset administrator@vsphere.local password sso psc vcsa appliance photonos

All the PSC SSO AD related main commands are located inside folder /usr/lib/vmware-vmdir/bin and the the command to sso users reset utility name is vdcadmintool. Once command is executed, it prompts for choice, select option 3. Reset account password and type the SSO account UPN, in my case I want to reset administrator username, so upn name format is administrator@vsphere.local. It will generate a new random password copy it or save it in file to login.

/usr/lib/vmware-vmdir/bin/vdcadmintool

=======================
Please select:
0. exit
1. Test LDAP connectivity
2. Force start replication cycle
3. Reset account password
4. Set log level and mask
5. Set vmdir state
6. Get vmdir state
7. Get vmdir log level and mask
========================

3
  Please enter account UPN : administrator@vsphere.local
New password is -
Your new password here

vmware vcenter vcsa server appliance putty ssh openssh vdcadmintool sso psc single sign on reset administrator@vsphere.local password usr lib vmware-vmdir bin vdcbackup active directory reset account password upn.png

On the vSphere ui client, try login with the generate new password of administrator@vsphere.local user.

vmware vsphere vcenter server vcsa portal ui websso saml2 psc administrator@vsphere.local password reset windows session authentication login download enhanced authentication plugin.png

Once authentication is successful, on the top-right side click the user name Administrator@vsphere.local and from drop down menu select Change Password. Type Current password and choose a new password and SAVE it.

vmware vsphere vcenter server esxi administrator@vsphere.local change password current new password putty psc sso tool plugin DRaas workload management logout password forgotten.png

Another way of changing password of Administrator@vsphere.local is navigate to Administration >> Single Sign On >> Users and Groups >> Select Users Tab >> Choose vsphere.local Domain from the list >> Select Administrator User >> Click EDIT >> Type new Password with confirm Password and SAVE it. 

Vmware vsphere client web desktop client administrator sso psc single sign on Users and Groups administrator@vsphere.local reset forgotten password edit user save password putty ssh tool ad tools.png

Above process is applicable to Vcenter 6.x, 7 and above version, To change the vsphere.local domain users password on vCenter 5.5 version there is slight change, instead of account UPN you will need to provide Account DN in the format of cn=administrator,cn=users,dc=vsphere,dc=local.

vmware vsphere web server vcenter server vcsa vcenter appliance sso psc photon reset account password user lib vmware-vmdir bin vdcadmintool vmdir state ldap connectivity replication forgot administrator@vsphere.local.png

/usr/lib/vmware-vmdir/bin/vdcadmintool

=======================
Please select:
0. exit
1. Test LDAP connectivity
2. Force start replication cycle
3. Reset account password
4. Set log level and mask
5. Set vmdir state
========================

3
  Account DN : cn=administrator,cn=users,dc=vsphere,dc=local
New password is -
your new password here

If you have older version of vCenter 5.1, you can go to /usr/lib/vmware-sso/utils folder, run command ./rsutil reset-admin-password, Enter the master password (this is root password), Then Enter the SSO administrator name to reset, example: admin. type the new password when prompted and it will show Password reset successfully message.

Useful Articles
Reset forgotten ESXi root password on Domain joined Esxi using vSphere web client and Powercli
Reset ESXi root password using Host Profiles on vCenter server: VMWare vSphere Web client
Resolved: Reset Esxi forgotten root password using hiren bootCD step by step
Generate new self-signed certificates for ESXi using OpenSSL
Push SSL certificates to client computers using Group Policy
Replacing a default ESXi certificate with a CA-Signed certificate
Troubleshooting replacing a corrupted certificate on Esxi server 

Go Back



Comment

Blog Search

Page Views

11241250

Follow me on Blogarama