I’ve needed to reset the root password on VMware vRealize Operations appliances on a few occasions and although the official guide from VMware contains very helpful information, it wasn’t easy enough to follow for some of my colleagues who weren’t proficient in Linux or text editors. The purpose of this post is to include screenshots for each step of the process and make the procedure for resetting the root password for VMware vRealize Operations 8.x appliances easier to follow.
There are a few steps to complete the password reset which are all covered in this post:-
- Take the vROps cluster offline
- Enter and use the GRUB loader menu
- Reset password by editing files
- Tidy up
- Bring the cluster back online
The latest and greatest information is usually direct from VMware so please use all resources at your disposal to aid the management of your environments.
Log in to the admin interface which is your usual vROps URL followed by /admin e.g. https://vrops.dtdc/admin
Under System Status > Click Take Cluster Offline > Monitor until all Nodes and the cluster is Offline
In the vSphere Client, Navigate to the Node which will have the root password reset > Right Click > Power > Restart Guest OS
Select Yes to confirm the Restart
Launch a console immediately after > Press e to enter the GRUB loader menu. If the OS for the Node boots then repeat the restart steps to attempt it again
Use your keybaord arrow keys to navigate to the line which starts with linux (This can also start with Photon OS) and enter a space with the following text and it’ll look like the screenshot below
Press F10 and wait for the Node to reboot
Type passwd root > click Enter to submit > type your new password > click Enter to submit > Retype your new password > click Enter to submit
You should receive a notification that your password updated successfully like the screenshot below
Navigate by typing cd/etc/pam.d/ > hit Enter to submit
Open the system-auth file by typing vi system-auth > hit Enter to submit
This opens the system-auth file using vi editor
Press i on your keyboard. Note the area in the blue box below changes to — INSERT — which means you are editing the file.
Navigate using the arrows on your keyboard to the beginning of the line auth required pam_tally2.so…..
Insert a # so the text is the same as shown in the screenshot below
Type :wq. This means Write Quit which will save and exit the file
This is optional but you can press the up arrow or type vi system-auth to reopen the file and confirm your changes have been saved
Type sync > hit Enter to submit
Type unmount / > hit Enter to submit
Type reboot -f > hit Enter to submit
The Node will reboot and load the OS until you get back to the login screen
Navigate to Login if it isn’t already selected > hit Enter
Enter the username root > hit Enter to submit
Enter the password you just set > hit Enter to submit
Type pam_tally2 -u root –reset to reset the failure attempts
This may display a number of failed attempts so press the up arrow to run it again until it displays 0
Navigate again by typing cd/etc/pam.d/ > hit Enter to submit
Open the system-auth file again by typing vi system-auth > hit Enter to submit
Navigate using the arrows on your keyboard to the beginning of the line #auth required pam_tally2.so….
Remove the # so the text is the same as shown in the screenshot below
Type :wq to save and exit the file again
Go back to the vROps admin interface which is your usual vROps URL followed by /admin e.g. https://vrops.dtdc/admin
Under System Status > bring the cluster back online by clicking Bring Cluster Online > Monitor until all Nodes and the cluster is Online