1. 程式人生 > >如何為vCenter6.0重置SSO管理員密碼

如何為vCenter6.0重置SSO管理員密碼

當我們vCenter登入時,會經常性有人容易忘記這個很重要的SSO Administrator密碼,下面針對這個忘記密碼進行如何處理

1、首先登入vCenter伺服器,不是server的IP地址,別登入錯了

[c:\~]$ ssh 192.168.1.200


Connecting to 192.168.1.200:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.


VMware vCenter Server Appliance 6.0.0.30000

Type: vCenter Server with an embedded Platform Services Controller

WARNING! The remote SSH server rejected X11 forwarding request.
Last login: Mon Nov 12 03:38:57 UTC 2018 from 192.168.1.74 on pts/0
Last login: Mon Nov 12 06:16:04 2018 from 192.168.1.74
Connected to service

    * List APIs: "help api list"
    * List Plugins: "help pi list"
    * Enable BASH access: "shell.set --enabled True"
    * Launch BASH: "shell"

Command> shell.set --enabled True##先執行此命令,要不然無法進去shell命令下
Command> shell ##進入Shell中
    ---------- !!!! WARNING WARNING WARNING !!!! ----------

Your use of "pi shell" has been logged!

The "pi shell" is intended for advanced troubleshooting operations and while
supported in this release, is a deprecated interface, and may be removed in a
future version of the product.  For alternative commands, exit the "pi shell"
and run the "help" command.

The "pi shell" command launches a root bash shell.  Commands within the shell
are not audited, and improper use of this command can severely harm the
system.

Help us improve the product!  If your scenario requires "pi shell," please
submit a Service Request, or post your scenario to the
https://communities.vmware.com/community/vmtn/vcenter/vc forum and add
"appliance" tag.

localhost:~ # /usr/lib/vmware-vmdir/bin/vdcadmintool ##進入vdcadmintool 工具可以重新設定密碼


==================
Please select:
0. exit
1. Test LDAP connectivity
2. Force start replication cycle
3. Reset account password
4. Set log level and mask
5. Set vmdir state
==================

2、查詢當前使用登入時的域名地址

localhost:~ # /usr/lib/vmware-vmafd/bin/vmafd-cli get-domain-name --server-name localhost
vsphere.local

3、再次登入vdcadmintool 工具中,輸入3後再把登入vcenter登入名給輸入

localhost:~ # /usr/lib/vmware-vmdir/bin/vdcadmintool


==================
Please select:
0. exit
1. Test LDAP connectivity
2. Force start replication cycle
3. Reset account password
4. Set log level and mask
5. Set vmdir state
==================

3
  Please enter account UPN : [email protected]
New password is -
;Bi\F6}%mG-41mHEqavd

說明:選擇3.Reset account password,此處只需輸入數字3敲回車即可,此時需輸入account UPN(使用者主體名稱)也即是SSO賬戶名稱,一般的格式為[email protected]域名,此處以[email protected]vsphere.local為例,敲回車後,系統會自動生成一個新密碼,複製密碼

官方解決方案如下:

On the Platform Services Controller or vCenter Server with Embedded Platform Services Controller Appliance

  1. Log in to vCenter Server Appliance using SSH as the root user.
  2. Run this command to enable access the Bash shell:

    shell.set --enabled true
     
  3. Type shell and press Enter.
  4. Run /usr/lib/vmware-vmdir/bin/vdcadmintool.

    This console loads:

    ================================
    Please select:
    0. exit
    1. Test LDAP connectivity
    2. Force start replication cycle
    3. Reset account password
    4. Set log level and mask
    5. Set vmdir state
    ================================
     
  5. Press 3 to enter the Reset account password option.
  6. When prompted for the Account UPN, enter:

    [email protected]_Domain_Name.local

    A new password is generated.

    Note: If your vSphere Domain name is customized, provide the customized domain name.
     
  7. Use the generated password to log in to the [email protected]_Domain_Name.local account.
  8. After the password is regenerated, log in to the vSphere Web Client and change the password.

官方出處:https://kb.vmware.com/articles/en_US/Article/2146224?docid=2034608

4、把重新生成的密碼登陸webclient修改Singal Sign-On密碼,也可以不用加9443埠

登入: https://192.168.1.200:9443/vsphere-client/#

修改密碼:

 

5、用修改過的密碼登入vSphere client登入即可