Virtual Geek

Tales from real IT system administrators world and non-production environment

Reset ESXi root password using Host Profiles on vCenter server: VMWare vSphere Web client

Recently I got assigned one of the VMware project, while taking handover I found esxi root passwords are not documented properly for the VMware infrastructure project, Luckily 40% Esxi host were joined into domain and I was able to reset password using Reset forgotten ESXi root password on Domain joined Esxi using vSphere web client and Powercli with few AD changes (group creation), Next thing was on the remaining server where servers are not in domain, there is second way to reset Esxi root password using vCenter host profiles (only the condition is Esxi server must be added to Vmware vCenter server (POWERCLI - CREATE DATACENTER AND ADD ESXI HOST IN VCENTER).

VMware Host Profiles accessible through VMware vCenter Server, it is kind of ESXi template, permits you to create typical configurations for VMware ESXi hosts and to automate compliance to these configurations, streamlining functioning management of across-the-board environments and dropping faults produced by mis-configurations.

Reset forgotten ESXi root password on Domain joined Esxi using vSphere web client and Powercli
Reset ESXi root password using Host Profiles on  vCenter server: VMWare vSphere Web client
Resolved: Reset Esxi forgotten root password using hiren bootCD step by step

To open host profile view on the VMware vSphere Web Client, click home icon, In the Operations and Policies choose Host Profiles.

Vmware vsphere vcenter web client, esxi, reset password, using vcenter, Host profiles configuration, forgot root password

My very first task is to create a standard profile from existing host. In the Host Profiles, On the right side, objects tab, click green + plus button - Extract profile from a host. In the Select Host, Click any of one esxi host. Go to next button.

vmware vsphere esxi client, vcenter server, host profiles, select host, extract profile from a host, reset esxi root password from vcenter, web client, configure forgotten esxi password

On the Name and Description wizard, Enter the meaningful name and description (optional) for the profile, on the last page Ready to complete page review settings and finish wizard.

You can list the newly created Reset_Root_Password ESXi under host profiles, right click on it and go to Edit Settings. On the Edit host profile page wizard, uncheck all the checkboxes on the options and only keep the check box on Security and Services \ Security Settings \ Security \ User Configuration \ root. Here on the Password section from drop down menu choose Fixed password configuration and type your password twice, finish the wizard.

vmware vsphere web client, reset esxi root password, edit host profiles, Security and services, User configuration, Fix password configuration password If you are using Esxi version 6, its password modification information is stored under Security Configuration.

vmware vsphere web client root password reset edit host proiles, security configuration , secuirty and services, administrator configure host with this password, reset change password of root

Here again right click on the Reset_Root_Password host profile, click Attach/Detach Hosts and Clusters, In the Select Host/Clusters, choose cluster or ESXi server in the list, and hit Attach button and you will see the corresponding entity is moved from left to right. There are no configurable item on the Customize hosts, leave it unchecked and it says none of the hosts require additional customizations.

Vmware vsphere web client, reset esxi root password using vcenter, host profiles, Attach detach hosts and clusters, select esxi host, customize host

You can use same actions and wizard by selecting ESXi host or cluster, right click server, from the context menu select Host profiles and you will see same related menu. From Host and clusters view I will remediate esxi server.

vmware vsphere web client esxi, vcenter, host profiles, host and clusters view, extract host profile, attach, remedite, change, detach, check compliance, reset host customizations, export host profile

Another wizard launches and here esxi host is already selected for remediate, Review the remediation tasks that will be executed on the hosts below once the wizard is complete. To see if the selected hosts are ready for remediation and how it will affect them use "Pre-check Remediation". The operation might take more than a minute. After clicking the button State/Tasks from Not checked to Green icon with Ready to remediate. 

vmware vsphere web client, remediate hosts based on host profile, select hosts, esxi, and cluster

When tested One thing to be note, This task reseting root password, doesn't require reboot or host need to be put into maintenance mode.

Rebooting Hosts: Some hosts might require a reboot to complete the remediation process. If you wish to manually reboot hosts at the end of the process deselect the checkbox.

vmware vsphere web client, esxi, vcenter, remediate hosts based on host profile, pre-check remediation, reset root password, ready to remediate host profile

Once you apply host configurations, Pre-check Remediation all the task are listed in the recent tasks and can be viewed, they are successfully applied with no error and without reboot. To verify I used putty to SSH to view if new reseted password is working. VMWARE SECURITY BEST PRACTICES: POWERCLI ENABLE OR DISABLE ESXI SSH

vmware vsphere web client, recent tasks, batch apply host configuration, pre-check remeditation, check host customization status, host profiles esxi, vcenter, test and confirm reset root password with ssh.png

Useful Articles

Go Back


Blog Search

Page Views


Follow me on Blogarama