I recently tried upgrading vCenter server from 6.7u3i to 6.7u3m and it failed, this in itself doesn't surprise me as I've seen this so many times.
I rolled the snapshot back but my previous image now appeared out of sync and I was getting "Error 87" in /var/log/vmware/vmdird/vmdird-syslog.log , FYI "Error 87" is because the password string is too long, so I used /opt/likewise/bin/lwregshell to reset the password using
cd HKEY_THIS_MACHINE\services\vmdir\
set_value dcAccountPassword "shortpassword"
I then restarted vmdird which gets rid of the "Error 87" and I now get "Error 49" which is a password mismatch, understandable so I then use
/usr/lib/vmware-vmdir/bin/vdcadmintool
3
Please enter account UPN : hostname.domain@domain.local
This should only produce a 20 character password but due to our password policy we have a minimum of 50 so the passwords I am getting are then too long again.
I have tried other methods of resetting the password including,
./dir-cli password reset --account hostname.domain@domain.local --login administrator
but I get an error 1326 from that, which I presume is something to do with vmdird not running correctly.
I've also tried with
./dir-cli computer password-reset
but that just produces a 50 character password as well.
I need to find out how I can change the default password length or maximum length back to 20 to get around this issue.
Any help would be greatly appreciated.
Hi,
If you are able to get the vmdir service up, post running
/usr/lib/vmware-vmdir/bin/vdcadmintool 3 Please enter account UPN : hostname.domain@domain.local
you can use powercli scripts to change the max sso password length https://www.virtuallyghetto.com/2020/10/powercli-module-for-managing-vcenter-single-sign-on-sso.html . Do give it a try.
Thanks for your response. I tried this on your suggestion but sadly it won't allow me to connect even with vmdir started.