The only KB I could find about this refers to the password not being complex enough. The password meets all the criteria. The passwd command doesn't even let me enter the password, it throws this error. I also tried from the web client, same issue. Any idea how to fix this?
[root@xxxx-esxi00:~] passwd
Changing password for root
passwd: Authentication token manipulation error
passwd:
[root@xxxx-esxi00:~]
Full process: https://kb.vmware.com/s/article/1004659
Hello.
The info in this link may help you.
This doesn't work. I am SSH in as root.
I tried to issue the command passwd and specifying the root account yet it still gives this error . Doesn't even give me a chance to enter the new password
passwd root
Changing password for root
passwd: Authentication token manipulation error
passwd:
Hello.
Try another way:
Login to the DCUI (to enable the ESXi Shell if not already done) Login with root and the correct password. Go to Troubleshooting Options Select Enable ESXi Shell
Press CTRL+ALT+F1 At the ESXi shell login with root and the password Run the following commands to show number of failed attempts:
pam_tally2 --user root
Post your result
If you succeed to login you can also try to change the password
you should get something like this
In ESXi 6.5 and later, default password compliance is mix of characters from four character classes is used when creating a password.
The character classes are:
Lowercase letters
Uppercase letters
Numbers
Special characters (e.g. _ or -)
Fixed the issue. There was an entire line missing from /etc/pam.d/passwd . No idea how that happened (this is a ESXi built into a Dell IDPA solition I was trying to change password on)
EMC support helped me. We had to add this and then I was able to change the root password right away
# Change only through host advanced option "Security.PasswordQualityControl".
password requisite /lib/security/$ISA/pam_passwdqc.so retry=3 min=disabled,disabled,disabled,7,7