Operational Defect Database
BugZero updated this defect 33 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
VMware | 92800
How to reset SDDC Manager vcf and root user accounts
Last update date:
4/17/2024
Affected products:
Cloud Foundation
Cloud foundation
Affected releases:
5.x4.x
Fixed releases:
No fixed releases provided.
Description:
Purpose
This article provides instructions on how to reset the vcf and root user accounts for SDDC manager.
Resolution
Login to the vCenter/vSphere UI and find the SDDC Manager VM.Once you click on the SDDC Manager VM, under the IP address should be the host FQDN for which ESXi the VM is sitting on.Open a new tab and paste the ESXi host FQDN into your browser and login to the host UI via root. Click on Virtual Machines, then click on the SDDC Manager VM > Edit > VM Options > Boot OptionsSet the Boot Delay to 10000 milliseconds.Open the VM console and On the right-hand side of the console should be a button that says Actions. Click on Actions > Power > Reset.When you see the Photon screen, hit the 'e' key to get into the GRUB. Use the arrow keys to navigate to the line beginning with linux and add the following to the end of the line rw init=/bin/bash Press the F10 key to continue booting the VM. Run the following commands to unlock the vcf and root accounts: For VCF versions up to VCF 5.0.0.1, use : /usr/bin/pam_tally2 -u root -r /usr/bin/pam_tally2 -u vcf -r For VCF versions starting from VCF 5.1.0.0, use: /usr/bin/faillock --user root --reset /usr/bin/faillock --user vcf --reset Note: If there are any failures, you will need to use the up arrow key to re-run the command until the failures column shows 0. Run the following commands to set the accounts to a temporary password: passwd vcf passwd root Then reboot SDDC by running the following: reboot -f After a few minutes, SSH into the SDDC Manager with the vcf user and temp password and then su root and enter the temp password for root. Then run the following command to clear the passwords: echo "" >/etc/security/opasswd Now we can reset the accounts to new passwords or a password previously used by using commands mentioned in Step # 11 Note: Make a note of what the vcf and root passwords were changed to.16. Here is the below command to change the age of the VCF and Root VCF : chage -M 999 vcf Root : chage -M 999 root
Related Information
https://kb.vmware.com/s/article/2149860
