VMware Cloud Community
lethargos
Enthusiast

cannot access appliance manager - unable to authenticate

I'm not sure exactly, but shouldn't the password on port 5480 (for vmware appliance management) be the same as the one I'm using on the vsphere webclient? It simply won't work. I keep getting "Unable to authenticate. Try again."

Not sure what I'm doing wrong. I also simply tried "root" and "vmware" as password, thinking that it might require different credentials (which might not have been changed) than the vsphere webclient.

If I connect to the server through ssh, it works with the same credentials I'm using on the webclient, but the shell is disabled (not sure why or how I can enable it - maybe by accessing the shell I might be able to change the appliance management credentials).

Any ideas? Thanks!

11 Replies
daphnissov
Immortal

The VAMI over port 5480 should be accessible using root credentials. If root works in the console but not via the VAMI, check to ensure the root account doesn't have its password expired. This is often the cause for the issue.

0 Kudos
lethargos
Enthusiast

Through ssh and on the web client I can connect with a user of this format: administrator@domain. (not sure why the domain doesn't have a suffix, like domain.com, but this is how it is). On the web client, of course, I have access to change whatever I please. There don't seem to be any restrictions. On the console through ssh, on the other hand, I cannot sudo into root (sudo su - it says: [sudo] password for nobody). I also tried 'su' directly, but at the 4th attempt it said "locked due to 4 failed logins".

whoami returns "nobody". I feel like in that Cyclops scene from the Odyssey! Of course, with this user I cannot access /etc/shadow or any privileges. I don't have much experience with vmware's linux distro. I see that using the shell is actually not recommended, it pushes you to use the commands in the Command> prompt. Not sure where to go from here.

0 Kudos
daphnissov
Immortal

Ok, firstly, what version of vCenter are you using here? Second, when you access the console (not SSH) of the vCSA, can you or can you not log in as root? If you *can* log in as root, when you hit the VAMI at https://<FQDN>:5480 and you log in as root, what do you get? Also when logged in as root via console, what does chage -l root show?

0 Kudos
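
The password-expiry check suggested in the replies above, as an added example that is not part of the original thread: a small bash function that classifies the "Password expires" line of `chage -l root` output. The sample output and dates are constructed for illustration, the function name `password_state` is hypothetical, and GNU `date` is assumed.

```bash
#!/usr/bin/env bash
# Added example (not from the thread). SAMPLE_CHAGE is constructed sample
# output in the format printed by `chage -l <user>`; the dates are made up.
SAMPLE_CHAGE='Last password change					: Nov 10, 2017
Password expires					: Feb 08, 2018
Password inactive					: never
Account expires						: never
Minimum number of days between password change		: 0
Maximum number of days between password change		: 90
Number of days of warning before password expires	: 7'

# password_state <chage -l output> [reference date YYYY-MM-DD, default today]
# Prints one of: expired | valid | never | must-change | unknown
password_state() {
    local output=$1 ref=${2:-$(date +%F)} expires exp_s ref_s
    # Take the value after the colon on the "Password expires" line.
    expires=$(printf '%s\n' "$output" |
        sed -n 's/^Password expires[[:space:]]*:[[:space:]]*//p' | head -n 1)
    case "$expires" in
        '')                          echo unknown;     return 0 ;;
        never)                       echo never;       return 0 ;;
        'password must be changed')  echo must-change; return 0 ;;
    esac
    # Convert both dates to epoch seconds (GNU date syntax).
    exp_s=$(date -u -d "$expires" +%s 2>/dev/null) || { echo unknown; return 0; }
    ref_s=$(date -u -d "$ref" +%s 2>/dev/null)     || { echo unknown; return 0; }
    # Expired when the expiry date lies strictly before the reference date.
    if [ "$exp_s" -lt "$ref_s" ]; then echo expired; else echo valid; fi
}

# Constructed sample, checked against a fixed reference date.
password_state "$SAMPLE_CHAGE" 2018-09-01
# On a live appliance, run as root at the console:
#   password_state "$(chage -l root)"
```

A result of `expired` or `must-change` matches the situation described in the reply above, where root works at the console but the VAMI login is refused.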
lethargos
Enthusiast

The version is 6.5.0.5600

I can't log in using the root user anywhere.

What's even weirder is that through the console I cannot log in either using the administrator@vsphere.company (that's actually the format of the username, I didn't pay attention earlier). The password seems randomly generated, and as I can't paste it into the console, I might be typing it wrong, although I did try it very carefully two times. Through ssh it works fine by c/p.

So administrator@vsphere.company is the only username I've got, and that's the username I'm using for the web client, on which, as I've already said, I seem to have all the necessary privileges. There's no trace of a username called 'administrator' in the /etc/passwd, on the other hand, so it's obvious that it's not a system username and that the authentication is done differently (a local database etc.?)

Does that mean that I have to reset the vm and change the root password? In a tutorial I saw that the root password is also somehow connected to the grub password.

0 Kudos
daphnissov
Immortal

Need to understand that there are differences in the user principals that can access vCSA: OS users and SSO/application users. The "administrator@vsphere.company" is not an OS user and so will not, by default, have access to SSH, console, or VAMI. Likewise, the root account will not have access to vCenter the application. So first order of business is to be able to log in as root. If you can't do that, that's what you need to fix either by finding whoever has the password or using a KB article to reset it (requiring a reboot). Once you have that up and running, you really should upgrade your vCenter (probably ESXi hosts as well) since this build is a pre-Update 1 version of vCSA. At the very least get on U1.

lethargos
Enthusiast

While in the process of resetting the VAMI root password, I'm guessing the running vms in the 3-host cluster are not going to be affected, right? I'm not talking about HA, but simply about them being accessible and running correctly.

I also took a snapshot of the VAMI in case something goes wrong while doing the upgrade. I'd like to upgrade directly to 6.7 (I suppose this won't be a problem even if it's a pre update 1 build, right?). So if I encounter any problems during the update, would I normally have any trouble accessing the host on which the VAMI resides and restore it to the previous state?

0 Kudos
daphnissov
Immortal

The VAMI is what the web page over port 5480 is called. The vCenter Server itself is called vCSA. Just so we have terms correct.

No, VMs running on ESXi hosts won't be impacted by resetting the root password to the vCSA.

As far as the upgrade is concerned (this is a major upgrade), there are more things to check here and I can't give you a good answer. This needs to be done with care since there are many things to consider. That aside, even if validated, I would personally recommend waiting for 6.7 U1 before pursuing a vSphere upgrade.

lethargos
Enthusiast

Thanks a lot for your help. The last information especially was very helpful. I'll postpone the upgrade and in the meantime I'll just reset the root password, so as to have the server ready.

0 Kudos
daphnissov
Immortal

I should have clarified earlier when I said "upgrade". I actually meant "update". You can go to 6.5 U1 or even U2 if you wish. But the jump to 6.7 is considered a major "upgrade" and for that I would wait, personally, until U1 is released (which should be soon).

0 Kudos
lethargos
Enthusiast

After I reset the root password, I ended up with this unfortunately:

503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http20NamedPipeServiceSpecE:0x7f009c095810] _serverNamespace = / _isRedirect = false _pipeName =/var/run/vmware/vpxd-webserver-pipe)

I'm quite sure this has nothing to do with the root reset procedure, as it was really easy and very similar to other Linux distros. I'm going to open another thread on this subject. For a lot of people this simply occurred after a mere restart - not related to root reset.

Forget that. I simply had to wait a little bit more for the necessary services to load. I checked service-control --status-all, a bunch of them were in the 'startpending' phase. Now they've started and it works as expected.

(I'm currently updating the vCSA to U2c)

0 Kudos
kevindailey
Contributor

I found that the applmgmt service wasn't running. See KB, https://kb.vmware.com/s/article/59344.

0 Kudos