4 Replies Latest reply on Feb 19, 2018 12:11 AM by sarikrizvi

    vcenter appliance root login denied

    itmanager2002 Lurker



      facing a problem for the past 4 months.


      i'm unable to login to the vcenter appliance root account.


      via ssh or local console. both throw an access denied error.


      i've tried to see if the password has expired per this article: http://www.virtuallyghetto.com/2013/09/how-to-recover-vcsa-55-from-expired.html

      it was not.


      while i was in there i decided to do try this: http://www.virtualpotholes.com/post/124746380849/how-to-reset-the-root-password-for-vcsa-60

      confirmed that multiple articles said the same thing: http://www.settlersoman.com/how-to-reset-root-password-on-vcenter-appliance-vcsa-6-x/


      saved the shadow file, unmounted the drive and rebooted.


      i'm still unable to logon via ssh or local shell.


      i'm stumped.

        • 1. Re: vcenter appliance root login denied
          jpsider Hot Shot

          my god, 4 months!!!!


          What do you need to connect with root for?  My best guess would be to cut your losses and setup a new appliance.


          Are you able to get into it with a different account?

          • 2. Re: vcenter appliance root login denied
            itmanager2002 Lurker

            i'm able to get in via the administrator account.


            the reason i need root is to do patches on the appliance (unless i don't need root for that?)


            the appliance was originally a vcenter server in 4.5 then migrated to 5.5 and then updated to 6.0. trying to get it up to date.


            making a new appliance would be very time intensive and there are many vapps and such.


            according to a few articles using a boot disk to change the shadow file works. i'm not sure why it hasn't in my case.


            any insight?



            • 3. Re: vcenter appliance root login denied
              itmanager2002 Lurker

              I found some detail into the reason's this was happening.

              when i tried logging in via ssh i just woudl get access denied. the same when logging in via the console.

              when i tried changing the console session (ALT-F1) and logging in there i got a telling message.


              account locked due to 1342 failed logins


              like i said, it's been 4 months.




              all the reset procedure's i've tried DID work. however the account was still LOCKED.


              according to the shadow file it was not. but according to the tally2 pam addin it was!


              following this article (http://www.sneaku.com/2015/06/12/vrealize-operations-manager-6-0-root-account-locked/) and skimming some general linux distro forums validated these findings.



              i was able to use this to unlock the account.

              • 4. Re: vcenter appliance root login denied
                sarikrizvi Enthusiast

                Issue:- Resetting Appliance (vCenter, vRA,etc.) password

                Troubleshooting Steps #

                1. Apply KB # 196 (VMware Knowledge Base) for Repeated characters when typing in remote console

                2. Reboot appliance and Go to grub >>>Type e

                3. Scroll to the second line displaying the kernel boot parameters >>>   Type e   >>>   Type init=/bin/bash  >>>   Enter   >>>    Type b

                4. System boots to a shell    # >>>     Type passwd    >>>     change new password

                5. Unlock root account  - pam_tally --user root --reset  or faillog -u root -r   >>>    Reboot .

                Use above troubleshooting steps and issue will get resolve