RaoulTLS
Contributor
Contributor

Esxi 6.5 root password does not work

Dear support

Was working on a new Esxi single host ESXi with 4 VM running on it

Was trying to install Vcenter for a couple of time (10)

Changed password of root account a cople of times succesful

The old root password was not complex enough so i added 2018! behind it.

And now I cant login to ESXi with none of the password

password contains #!_@ in it

In said change succesfull

And now i cant login anymore

Changed root password today about 10 - 20 times

Is the a way to recouver password or reset it.

can get acces to console.

Is there amaximun munber of times you may change root password

thx

0 Kudos
16 Replies
MBreidenbach0
Hot Shot
Hot Shot

As far as I know there is no supported way of resetting an ESXi root password. The official way is to reinstall.

It can be done using Host Profiles but that requires vCenter and Enterprise Plus license. And you need the root password to add the host to vCenter if you don't have one.

I've read once somewhere that it also can be done by booting a Linux CD and changing the password hash value to that of a known password but that procedure was rather complex as far as I remember. Also required some unpacking + packing of tgz files. And its VERY unsupported. Googled and found this: Reset VMware ESXi root password - Thomas-Krenn-Wiki

RaoulTLS
Contributor
Contributor

The Current host is not connected to Vcenter

is there a lockout enabled on root user when logging in to vsphere client ?

As last result Can shutdown VM's And reboot ESXi and see if i can login with mine root password

is there a case that root pasword was not saved or unable 2 check if its corect

And does a reboot help ?

MBreidenbach0
Hot Shot
Hot Shot

If ESXi looses access to the boot media (may happen i.e. with USB keys or SD cards) then it can't write back config changes to boot media. In this case a root pw change will not be written to boot media (because boot media is no longer accessible).

ESXi Passwords and Account Lockout

Starting with vSphere 6.0, account locking is supported for access through SSH and through the vSphere Web Services SDK. The Direct Console Interface (DCUI) and the ESXi Shell do not support account lockout. By default, a maximum of ten failed attempts is allowed before the account is locked. The account is unlocked after two minutes by default.

0 Kudos
RaoulTLS
Contributor
Contributor

What will happen to mine VM running on the local data store? (after reinstall)

If i reboot the esxi host VM's will be shutdown

Mine only DC is running on it

have a backup of DC of 2 days ago

Am getting worried stressing out!!

could the instalation of external platform Platform Services Controller deployment

messed it all up ?

0 Kudos
MBreidenbach0
Hot Shot
Hot Shot

The ESXi installer will see that ESXi is already installed and ask whether you want to upgrade or reinstall. Upgrade will keep the unknown password so that won't work. If you select reinstall it should ask whether it should keep VMFS filesystems or not. You definitely want to keep existing VMFS filesystems. When the installation is finished you'll have to reconfigure ESXi networking and other stuff.

Trying to install vCenter or a PSC should not cause this.

0 Kudos
RaoulTLS
Contributor
Contributor

Im realy freaking out.

Hope the boss will not fire me fur this fuck up

Was extra careful but not careful enough

Was thinking make asecond account for backup purpuse ..

1 Production Server what i have a backup so is not the end of te world i hope

0 Kudos
MBreidenbach0
Hot Shot
Hot Shot

You say you don't have a current backup. Can do do a backup first ?

0 Kudos
RaoulTLS
Contributor
Contributor

have backup of all VM's moved to new esxi 6.5

host are comming from esxi 5.1

So have backup of all VM's moved to new esxi 6.5

0 Kudos
RaoulTLS
Contributor
Contributor

can i find password in

vmware.log

VMware vCenter Server Appliance

wat was installed on nas instead of local storage

0 Kudos
daphnissov
Immortal
Immortal

No passwords are ever exposed in log files, so no. As mentioned, if you truly do not remember your ESXi password and do not have this host joined to a vCenter, you will have to re-install ESXi. However, doing so will give you the option to preserve any VMFS datastores the installer finds and, therefore, your VMs. Ensure you have current, known good (and tested, if necessary) backups before proceeding.

0 Kudos
RaoulTLS
Contributor
Contributor

Ok some more background Info

Setup is

2 Esxi Servers 5.1 connected to Vcenter 5.1

New server Esxi 6.5 Standalone not connected to Vcenter

The 2 Old Esxi server have same root account and password.

new Esxi server has a other root password.

I reinstalled Esxi Was able 2 login brom mine laptop on location after reinstall and logon to console.

Then i Went home then i was not able log on fron brouwser (chrome IE Firefox)

The went to location and logon to console password is ok.

Enabled SSH and telnet

Then used Pc onsite user and was able 2 login from brouwser.

Then i Closed the brouwser .

Could not login any more from his workstation.

I closed mine ssh connection i could not login with ssh also after loging out.

restart managemet network on console.

Still not able 2 login from brouwser.

What am i dooing wrong ?

0 Kudos
daphnissov
Immortal
Immortal

I don't know, it's hard to follow your chain of different login events and locations. In any case, leave the host alone for an hour. Attempt to login directly via the console (not ssh, not C# client, not web browser [if this is ESXi 6.5]). If you cannot login directly via the console after this, you must be typing your password incorrectly. I don't see another explanation other than that.

0 Kudos
RaoulTLS
Contributor
Contributor

Login on to console no problem

Remote with ssh no luck

Brouwser also not posible

Firewall or Eset appliance cant be the problem

0 Kudos
daphnissov
Immortal
Immortal

What is the output of esxcli software vib list | grep esx-ui ?

0 Kudos
a_p_
Leadership
Leadership

Did you try to change the root password to something else (e.g. without a "!" at the end) from the console?

for the steps to do this, see e.g. https://kb.vmware.com/s/article/1004659

André

0 Kudos
nchoatentt
Contributor
Contributor

$vmhost = Get-VMHost -Name $vmhost

$esxcli = get-esxcli -vmhost $vmhost -v2        #Gain access to ESXCLI on the host.

$esxcliargs = $esxcli.system.account.set.CreateArgs()       #Get Parameter list (Arguments)

$esxcliargs.id = $NewCredential.UserName        #Specify the user to reset

$esxcliargs.password = $NewCredential.GetNetworkCredential().Password   #Specify the new password

$esxcliargs.passwordconfirmation = $NewCredential.GetNetworkCredential().Password

Write-Host ("Resetting root password for: " + $vmhost)      #Debug line so admin can see what's happening.

$esxcli.system.account.set.Invoke($esxcliargs)        #Run command, if returns "true" it was successful.

0 Kudos