Reset root password for VMware vRealize Operations appliance

I’ve needed to reset the root password on VMware vRealize Operations appliances on a few occasions and although the official guide from VMware contains very helpful information, it wasn’t easy enough to follow for some of my colleagues who weren’t proficient in Linux or text editors. The purpose of this post is to include screenshots for each step of the process and make the procedure for resetting the root password for VMware vRealize Operations 8.x appliances easier to follow.

There are a few steps to complete the password reset which are all covered in this post:-

  1. Take the vROps cluster offline
  2. Enter and use the GRUB loader menu
  3. Reset password by editing files
  4. Tidy up
  5. Bring the cluster back online

The latest and greatest information is usually direct from VMware so please use all resources at your disposal to aid the management of your environments.


Log in to the admin interface which is your usual vROps URL followed by /admin e.g. https://vrops.dtdc/admin

Under System Status > Click Take Cluster Offline > Monitor until all Nodes and the cluster is Offline

In the vSphere Client, Navigate to the Node which will have the root password reset > Right Click > Power > Restart Guest OS

Select Yes to confirm the Restart

Launch a console immediately after > Press e to enter the GRUB loader menu. If the OS for the Node boots then repeat the restart steps to attempt it again

Use your keybaord arrow keys to navigate to the line which starts with linux (This can also start with Photon OS) and enter a space with the following text and it’ll look like the screenshot below

rw init=/bin/bash

Press F10 and wait for the Node to reboot

Type passwd root > click Enter to submit > type your new password > click Enter to submit > Retype your new password > click Enter to submit

You should receive a notification that your password updated successfully like the screenshot below

Navigate by typing cd/etc/pam.d/ > hit Enter to submit

Open the system-auth file by typing vi system-auth > hit Enter to submit

This opens the system-auth file using vi editor

Press i on your keyboard. Note the area in the blue box below changes to — INSERT — which means you are editing the file.

Navigate using the arrows on your keyboard to the beginning of the line auth    required    pam_tally2.so…..

Insert a # so the text is the same as shown in the screenshot below

Type :wq. This means Write Quit which will save and exit the file

This is optional but you can press the up arrow or type vi system-auth to reopen the file and confirm your changes have been saved

Type sync > hit Enter to submit

Type unmount / > hit Enter to submit

Type reboot -f > hit Enter to submit

The Node will reboot and load the OS until you get back to the login screen

Navigate to Login if it isn’t already selected > hit Enter

Enter the username root > hit Enter to submit

Enter the password you just set > hit Enter to submit

Type pam_tally2 -u root –reset to reset the failure attempts

This may display a number of failed attempts so press the up arrow to run it again until it displays 0

Navigate again by typing cd/etc/pam.d/ > hit Enter to submit

Open the system-auth file again by typing vi system-auth > hit Enter to submit

Navigate using the arrows on your keyboard to the beginning of the line #auth    required    pam_tally2.so….

Remove the # so the text is the same as shown in the screenshot below

Type :wq to save and exit the file again

Go back to the vROps admin interface which is your usual vROps URL followed by /admin e.g. https://vrops.dtdc/admin

Under System Status > bring the cluster back online by clicking Bring Cluster Online > Monitor until all Nodes and the cluster is Online

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s