VMware Cloud Community
mmasdg
Contributor
Contributor
‎05-25-2023 03:30 PM

Need help after disgruntled employee

Hi everyone, I need advice on where to start. We have a VCenter 7 environment with 3 hosts in a cluster. The administrator who used to manage it recently left on bad terms. Every single root, administrator@vsphere.local password was changed on all the hosts and vcenter (which is a vm!). I used to be able to get in with my domain account a month ago, but now I can't. There's also a weird 500 error about fetching identity providers. I'm completely locked out and the only one in my organization who can work on this. I have tried every way to login with every last known password before he changed them. I have physical access to the hosts and saw one guy on youtube use an Ubuntu Live CD to change a root password, but I still wouldn't be able to access vcenter. Not only that, but I don't know if the hosts can handle a failover if I take one down. Any suggestions would be appreciated. This is probably the most stressed I have been at work in a long time. Thanks.

0 Kudos
3 Replies
a_p_
Leadership
Leadership
‎05-25-2023 04:06 PM

There may be other options to recover.

As a first step - regarding the 500 error - please check whether this is perhaps caused by an expired certificate. To find out about this, you may open the vCenter Server URL in a browser, and check the SSL certificates details from there.

André

0 Kudos
mmasdg
Contributor
Contributor
‎05-25-2023 04:08 PM

That is a problem for sure. But I can't get in through SSH or the console either. 

0 Kudos
lamw
Community Manager
Community Manager
‎05-25-2023 04:20 PM

Do you have VMware Support? That would be the first thing I would strongly recommend before making any changes to environment, file an SR and get GSS involved.