vCenter 5.x/6.x: How to reset administrator@vsphere.local account password < ProVirtualzone

View Larger Image

vCenter 5.x/6.x: How to reset administrator@vsphere.local account password

There is a couple of reasons why we can lose our SSO administrator password.

We can forget the password, but also after an update from vCenter from 5.1 to 5.5, we cannot change the password in vSphere Web Client(is grayed out).

If happened, we need to reset the password SSO administrator@vsphere.local.

You can reset the password with the tool vdcadmintool.exe on a Window Server, or from the vCenter Appliance(Linux based).

How to reset
For the vCenter Windows Server:

Log in to the vCenter Server with a domain administrator account, or to vCenter Single Sign-On if SSO is installed in a separated server.

Open a cmd(shell command prompt) console with “Run as Administrator”

Go to vmdird folder, that is located in “Program Files\VMware\Infrastructure\VMware\CIS\vmdird” or in “C:\Program Files\VMware\vCenter Server\vmdird”

Change Directory: c:\cd\Program Files\VMware\Infrastructure\VMware\CIS\vmdird
Run vdcadmintool tool: c:\Program Files\VMware\Infrastructure\VMware\CIS\vmdird>vdcadmintool.exe
Press 3 to choose to: Reset administrator@vSphere.local password account.
Add the Account DN: cn=administrator,cn=users,dc=vSphere,dc=local

Note: if you customized your vSphere Domain name, provide the customized domain name in the Account DN option.(a new password is generated and displayed. Use this password to log into the administrator@vSphere.local account.)
Press 0(zero) to exit console menu.

For the vCenter Server Appliance

For vCenter Appliance is the same procedure as for Windows, except the connection to the vCenter and location of the vdcadmintool

Connect to your vCenter Appliance with ssh and user root(if you did not change the initial password, the default password is vmware).

Note: If ssh is not enabled in the vCenter appliance you need to enabled ssh option in the vCenter Appliance Web Console.

Connect to:

https://ip-address:5480 and in the admin tab enable “Administrator SSH login enabled.”

After you are connected to the vCenter Appliance through ssh, the location of the vdcadmintool is: /usr/lib/vmware-vmdir/bin/vdcadmintool

Reset Password:

Run the tool and use the same procedure/options that are detailed above for Windows vCenter.

Note: If you customized your vSphere Domain name, provide the customized domain name in the Account DN option.

After these tasks, your account administrator@vsphere.local password is reset.

Note: After you reset your account if you want to change the password to your company/environment policy, you can connect to your vCenter with vSphere Web Client and edit user(administrator) and change the password for administrator account.

Go to option “Administration; Single Sign-On; User and Groups; Users Tab” then choose administrator user, right mouse click and choose “Edit User”(or use Edit User icon) and change password.

If you have your administrator@vsphere.local account locked(too many bad password attempts), or any other account, in the “Administration; Single Sign-On; User and Groups Users Tab”, right mouse click and choose “Unlock”(or use Actions – Unlock icon) to unlock the account.

Note: To unlock, or do any changes in the administrator@vsphere.local, or connect to Single Sign-On area, you need a user with Single Sign-On administration permissions.

Additional information you can find it here in VMware KB: KB-2061122 and KB-2034608

Hope this can help you fix your issues with the account administrator@vsphere.local(or other administration accounts).

Note: Share this article, if you think it is worth sharing.

By Luciano Patrao| 2018-11-29T23:13:15+01:00 June 3rd, 2015|VMware Posts|16 Comments

About the Author: Luciano Patrao

I have over 20 years of experience in the IT industry. I have been working with Virtualization for more than 15 years (mainly VMware). I recently obtained certifications, including VCP DCV 2022, VCAP DCV Design 2023, and VCP Cloud 2023. Additionally, I have VCP6.5-DCV, VMware vSAN Specialist, vExpert vSAN, vExpert NSX, vExpert Cloud Provider for the last two years, and vExpert for the last 7 years and a old MCP. My specialties are Virtualization, Storage, and Virtual Backup. I am a Solutions Architect in the area VMware, Cloud and Backup / Storage. I am employed by ITQ, a VMware partner as a Senior Consultant. I am also a blogger and owner of the blog ProVirtualzone.com and recently book author.

16 Comments

javid 26/12/2016 at 13:12 Log in to Reply

is using vdcadmintool must? what if we change password directly from vsphere web client?
- Luciano Patrao 12/01/2017 at 22:28 Log in to Reply
  
  Hi Javi,
  
  Yes you can, but how can you change that password, since you don’t have the initial password to login?
  Also when you upgrade from 5.1 to 5.5, sometimes that option is not available.
- Luciano Patrao 11/06/2017 at 18:45 Log in to Reply
  
  Hi Javid,
  
  Only today I notice that my reply is not sending emails to users that comment on my blog. So now I am just FYI to you regarding my comment.
  
  Thank You
  
  Luciano Patrao
Abbas 27/10/2017 at 13:15 Log in to Reply

thank yo so much it worked for me from windows CMD, but it asked for UPN wich i provide administrator@vsphere.local
- Luciano Patrao 31/10/2017 at 23:16 Log in to Reply
  
  Hi Abbas,
  
  Thank you for your comment and glad to help.
dave 01/11/2017 at 01:01 Log in to Reply

What if we wanted to change the password for another local user? Can we do it via powershell (powercli) or Rest? I want to automate rotating passwords.
- Luciano Patrao 01/11/2017 at 18:57 Log in to Reply
  
  Hi Dave,
  
  Never used, or created a Powershell script for this, but Shawn Masterson has one script on is blog regarding this. Take a look.
  Change password
Default Vcenter - Log In To The Vmware Vcenter Server Appliance Web Console 23/01/2021 at 01:44 Log in to Reply

[…] 6. vCenter 5.x/6.x: How to reset [email protected] … […]
kwf 24/07/2021 at 14:26 Log in to Reply

does not work. on appliance I see the vdcadmintool but unable to run it. Cannot find directory…
- Luciano Patrao 27/07/2021 at 11:38 Log in to Reply
  
  On which version are you trying to run this?
Mohammed 01/08/2021 at 18:34 Log in to Reply

Hi thanks for the valuable article i was able to get the password of Vcenter Server .. could you pls advise how to get the ESXI host password if lost or forgotten , my current license is VMware essential plus with which I cant reset the password using Host profile.
- Luciano Patrao 02/08/2021 at 12:56 Log in to Reply
  
  The only way is to use Host Profiles, if not only install ESXi again.
  There is some Linux hack way, but I do not use that, or propose that to anyone.
vcenter appliance default login - LoginWhale.com 13/08/2021 at 01:05 Log in to Reply

[…] 12. vCenter 5.x/6.x: How to reset [email protected] … […]
vsphere web client default login - LoginWhale.com 30/08/2021 at 18:26 Log in to Reply

[…] 6. vCenter 5.x/6.x: How to reset [email protected] … […]
www vcenter web client default login com Portal Detailed Access Account Archives - bankep.com 14/11/2021 at 23:22 Log in to Reply

[…] vCenter 5.x/6.x: How to reset administrator@vsphere.local … […]
Provirtualzone 2021 Stats > ProVirtualzone – My Blog 13/01/2022 at 06:51 Log in to Reply

[…] page’s stats. In 6 months, had virtually the precise hits that had the quantity one once a year vCenter 5.x/6.x: Find out how to reset administrator@vsphere.native account password in 6 […]