Login

AUTOVM Blog > Other > HowTo: reset v…

HowTo: reset vCenter 7 VCSA password or unlock account

By Alireza Mahdavi | 18 May 2022 | 232 views

HowTo: reset vCenter 7 VCSA password or unlock account

Step 1

Take a snapshot of the VM and proceed with forcing a reboot. Once the photon OS splash screen is showing, quickly press “e” to reveal the Grub boot menu.

Move the cursor to the end of the line starting with “linux” and ending with “$systemd_cmdline”

Enter “rw init=/bin/bash” at the end of the line like the below picture:

Then enter: “F10”

Step 2

Now that you are dropped into the system enter the ‘passwd’ command to reset the root user account.

mount -o remount,rw / 
passwd

Step 3

User accounts can be unlocked using the pam_tally2 command with switches –user and –reset.

pam_tally2 -–user=root --reset

Also, I was still under attack in my case, so I’ve increased the root locked login number to 9999. So I’ve enabled the firewall, and reversed the lock password number back from the VCenter appliance (which is explained in step 5).

chage -I -1 -m 0 -M 99999 -E -1 root

Once completed, the user account will be unlocked, and the account can be used again.

Step 4

Finally, reboot the VCenter VM:

reboot -f

Step 5

From the vSphere Client, go to Administration >> Single Sign-On >> Configuration >> Policies >> Lockout Policy.

View the values for the lockout policies.

The following lockout policy should be set as follows:

The time interval between failures: 900 seconds

If this lockout policy is not configured as stated, this is a finding.

From the vSphere Client go to Administration >> Single Sign-On >> Configuration >> Policies >> Lockout Policy.

Click “Edit”.

Set the “Time interval between failures” to “900” and click “OK”.

Related Blogs

Add Ubuntu 22.04 and Debian 11 on AutoVM

Ubuntu 22.04 and Debian 11 has been released for AutoVM platform. Download and deploy OVA templates into your servers. Ubuntu and Debian link. Then […]

New AutoVM WHMCS module client area

The new AutoVM WHMCS module will be released this month with enormous updates regarding the client area interface. Take a look at our new […]

How to upgrade ESXi through CLI

Step 1: Enable SSH through the web client and connect to your ESXi host. Step 2: Enter the following command to enable the firewall rule for […]

Subscription for email

Future-proof your business by moving to AutoVM