VMware Cloud Community
entekhab
Contributor

I can't recover or change vCenter appliance v6.7.0.30000 root password

Hi

I forgot the vCenter appliance root password. To reset it, I did the steps mentioned in this article

but unfortunately I can't log in with the new password! In the vCenter appliance console, I receive the following message: "Authentication failed. Invalid login or password."

Can anyone help me solve this problem?


Accepted Solutions
entekhab
Contributor

Hey Nacho

Thanks for your tips. My first problem was that the root password had expired, and after I changed the expiration date with the chage command, I still could not log in to the vCenter Appliance console. Then I found out that the failed login count was much higher than normal, and I realized SSH was enabled and it was under attack, and Photon OS locked the root user for several minutes after 3 unsuccessful logins. But after I put it behind the firewall, my problem was solved.

Of course, Andre's tips were also useful.

 

10 Replies
a_p_
Leadership

Just a quick question. When you say that you cannot log in to the "vCenter appliance console", are you referring to the web login on port 5480, or the native console (CLI) itself?
If you are able to log in to the CLI, check whether the applmgmt service is up and running (service-control --status), and try to start it if it is not running (service-control --start applmgmt). There's a known issue with this, see https://kb.vmware.com/s/article/68149.

Other than this, try to reset the root password again using a less complex password, e.g. "VMware!1", to avoid possible issues with certain special characters.

André

entekhab
Contributor

I can't log in on the native CLI. I reset the root password using a complex password but I still cannot log in.

a_p_
Leadership

Is it the same on the console (Alt-F1)?

André

entekhab
Contributor

Unfortunately yes.

a_p_
Leadership

That seems to be another issue with the failed logins.
Do you run any monitoring tools, or penetration tests which try to connect to the vCSA?
After many login attempts (3 by default), login is disabled for several minutes.

André

entekhab
Contributor

Yes I do, I'm using Zabbix monitoring and I have disabled it.

I tried to unlock the root account with these commands => pam_tally --user root --reset or faillog -u root -r but the problem still exists.

What do I have to do?

a_p_
Leadership

What you may consider is to - temporarily until you find out who's causing the issue - change the lockout settings for the root account.
See e.g. https://www.ferroquesystems.com/resource/howto-reset-vcenter-7-vcsa-password-unlock-account/

I don't have access to a vCSA, but something like 

grep failure /var/log/auth.log

may help identify the source of the failed logins.

André
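
Added example, not part of the thread: a small shell filter that goes one step past the grep above and counts failed SSH password attempts per source address and user. The sample lines are constructed in the standard OpenSSH sshd format with documentation addresses; the function names are illustrative.

```shell
#!/bin/sh
# Constructed sample lines (OpenSSH sshd format, documentation addresses).
sample_auth_log() {
cat <<'EOF'
Mar  3 10:15:01 vcsa sshd[2101]: Failed password for root from 203.0.113.7 port 40112 ssh2
Mar  3 10:15:04 vcsa sshd[2101]: Failed password for root from 203.0.113.7 port 40112 ssh2
Mar  3 10:15:09 vcsa sshd[2104]: Failed password for invalid user admin from 198.51.100.23 port 51820 ssh2
Mar  3 10:15:12 vcsa sshd[2107]: Failed password for root from 203.0.113.7 port 40150 ssh2
Mar  3 10:16:30 vcsa sshd[2130]: Accepted password for root from 192.0.2.10 port 50022 ssh2
Mar  3 10:17:02 vcsa sshd[2141]: Failed password for root from 192.0.2.50 port 38211 ssh2
EOF
}

# Print "count source user" for each (source, user) pair, busiest first.
# Reads log text on stdin, so it works with a live file or a rotated copy.
failed_ssh_sources() {
    awk '
        /sshd\[[0-9]+\]: Failed password for / {
            f = 0
            # The address follows the last "from"; the user name precedes it.
            for (i = 1; i <= NF; i++) if ($i == "from") f = i
            if (f < 4 || f == NF) next
            src = $(f + 1); user = $(f - 1)
            # Accounts that do not exist are logged as "invalid user NAME".
            if ($(f - 3) == "invalid") user = user "(invalid)"
            count[src " " user]++
        }
        END { for (k in count) print count[k], k }
    ' | sort -k1,1nr -k2,2
}

# Sources with at least N failures against one account (default 3, the
# lockout count mentioned in the thread).
sources_over_threshold() {
    failed_ssh_sources | awk -v t="${1:-3}" '$1 >= t { print $2 }' | sort -u
}

sample_auth_log | failed_ssh_sources
```

To run it against a real log, redirect the file named in the post into the function: failed_ssh_sources < /var/log/auth.log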

entekhab
Contributor

Hi André, thanks for your tips. I realized SSH was enabled on the VCSA and it was under unsuccessful attacks, and the user account was locked after a certain number of failed SSH login attempts. After I disabled it, my problem was solved.

nachogonzalez
Commander

Hey, hope you are doing fine:

I think you have an expired root password:
Let's try this:

1. Run any of these KBs

https://kb.vmware.com/s/article/2147144
https://www.altaro.com/vmware/reset-root-password-vcsa-6-x/
https://nolabnoparty.com/en/reset-vcsa-root-password/

2. Before running passwd, run

chage --list root


You will see the expiration date for the root password.
If the password is expired, proceed with

chage -m 0 -M 99999 -I -1 -E -1 root


This way you will set it to never expire (it can be changed later).

3. Proceed with passwd root and change the password.

Let me know if that works.

Warm regards
