当我们vCenter登录时,会经常性有人容易忘记这个很重要的SSO Administrator密码,下面针对这个忘记密码进行如何处理
1、首先登录vCenter服务器,不是server的IP地址,别登录错了
[c:\~]$ ssh 192.168.1.200
Connecting to 192.168.1.200:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
VMware vCenter Server Appliance 6.0.0.30000
Type: vCenter Server with an embedded Platform Services Controller
WARNING! The remote SSH server rejected X11 forwarding request.
Last login: Mon Nov 12 03:38:57 UTC 2018 from 192.168.1.74 on pts/0
Last login: Mon Nov 12 06:16:04 2018 from 192.168.1.74
Connected to service
* List APIs: "help api list"
* List Plugins: "help pi list"
* Enable BASH access: "shell.set --enabled True"
* Launch BASH: "shell"
Command> shell.set --enabled True##先执行此命令,要不然无法进去shell命令下
Command> shell ##进入Shell中
---------- !!!! WARNING WARNING WARNING !!!! ----------
Your use of "pi shell" has been logged!
The "pi shell" is intended for advanced troubleshooting operations and while
supported in this release, is a deprecated interface, and may be removed in a
future version of the product. For alternative commands, exit the "pi shell"
and run the "help" command.
The "pi shell" command launches a root bash shell. Commands within the shell
are not audited, and improper use of this command can severely harm the
system.
Help us improve the product! If your scenario requires "pi shell," please
submit a Service Request, or post your scenario to the
https://communities.vmware.com/community/vmtn/vcenter/vc forum and add
"appliance" tag.
localhost:~ # /usr/lib/vmware-vmdir/bin/vdcadmintool ##进入vdcadmintool 工具可以重新设置密码
==================
Please select:
0. exit
1. Test LDAP connectivity
2. Force start replication cycle
3. Reset account password
4. Set log level and mask
5. Set vmdir state
==================
2、查询当前使用登录时的域名地址
localhost:~ # /usr/lib/vmware-vmafd/bin/vmafd-cli get-domain-name --server-name localhost
vsphere.local
3、再次登录vdcadmintool 工具中,输入3后再把登录vcenter登录名给输入
localhost:~ # /usr/lib/vmware-vmdir/bin/vdcadmintool
==================
Please select:
0. exit
1. Test LDAP connectivity
2. Force start replication cycle
3. Reset account password
4. Set log level and mask
5. Set vmdir state
==================
3
Please enter account UPN : [email protected]
New password is -
;Bi\F6}%mG-41mHEqavd
说明:选择3.Reset account password,此处只需输入数字3敲回车即可,此时需输入account UPN(用户主体名称)也即是SSO账户名称,一般的格式为administrator@SSO域名,此处以administrator@vsphere.local为例,敲回车后,系统会自动生成一个新密码,复制密码
官方解决方案如下:
On the Platform Services Controller or vCenter Server with Embedded Platform Services Controller Appliance
- Log in to vCenter Server Appliance using SSH as the root user.
- Run this command to enable access the Bash shell:
shell.set --enabled true
- Type shell and press Enter.
- Run /usr/lib/vmware-vmdir/bin/vdcadmintool.
This console loads:
================================
Please select:
0. exit
1. Test LDAP connectivity
2. Force start replication cycle
3. Reset account password
4. Set log level and mask
5. Set vmdir state
================================
- Press 3 to enter the Reset account password option.
- When prompted for the Account UPN, enter:
User@vSphere_Domain_Name.local
A new password is generated.
Note: If your vSphere Domain name is customized, provide the customized domain name.
- Use the generated password to log in to the User@vSphere_Domain_Name.local account.
- After the password is regenerated, log in to the vSphere Web Client and change the password.
官方出处:https://kb.vmware.com/articles/en_US/Article/2146224?docid=2034608
4、把重新生成的密码登陆webclient修改Singal Sign-On密码,也可以不用加9443端口
登录: https://192.168.1.200:9443/vsphere-client/#
修改密码:
5、用修改过的密码登录vSphere client登录即可