Resetting the vCenter Server Appliance Single-Sign-On (SSO) password for administrator@vsphere.local user

About this task

Use this procedure to reset the vCenter Server Appliance SSO password for administrator@vsphere.local user.

Refer to the following VMware Knowledge Base article for a procedure to reset the root password if it is required: https://kb.vmware.com/s/article/2147144.

Before you begin

  • Obtain the vCenter Server Appliance root user credentials.

Procedure

  1. Using the SSH Console, log in to the vCenter Server Appliance with the root user credentials.
  2. Enable BASH shell ifCommand> shell.set --enabled true Command> shell ->this is to get in BASH shellShell access is granted to root.
  3. For vCenter 6.5 and above, run the following commands at the bash shell prompt as root user:/usr/lib/vmware-vmdir/bin/vdcadmintool ================== Please select: 0. exit 1. Test LDAP connectivity 2. Force start replication cycle 3. Reset account password 4. Set log level and mask 5. Set vmdir state 6. Get vmdir state 7. Get vmdir log level and mask ==================
  4. Press 3 to reset the password.Enter Administrator@vsphere.local for account UPN and a new password will be generated by the system. Note the new password carefully as you will need it to log into vCenter web client to change the password.Please enter account UPN : Administrator@vsphere.local

    For vCenter 6.5 and above, if prompted for the Account DN, type: cn=Administrator,cn=users,dc=vSphere,dc=local.
  5. Log in to the vSphere web client using the administrator@vsphere.local user name with the system generated password in the previous step 3.
  6. On the Home page, click the 3 lines icon  then navigate to Administration > Single Sign On > Users and Groups > Users.
  7. From the Domain drop-down menu, select vsphere.local.
  8. Select the Administrator user and click EDIT.
  9. On the password change form, enter and confirm the new password for Administrator user and click SAVE.
    Note:Ensure that the new password is compliant with the list of unsupported passwords and password requirements.The following special characters are not supported in SSO passwords:
    • Non-ASCII characters
    • Ampersand (&)
    • Semicolon ( ; )
    • Double quotation mark ( ” )
    • Single quotation mark ( ‘ )
    • Circumflex ( ^ )
    • Backslash ( \ )
    • Percentage (%)
    • Angle brackets ( < , > )
    Repeat the above procedure if the generated password is not compliant.
  10. Logout the web client.
  11. Login the web client again using the new password. If it doesn’t work, the password needs to be reset again.