Reset upgraded VIDM root password
Recently I ran into an issue with a customer where the vidm root password was lost. There are a couple of blogposts and kb articles that describe how to reset the root password, but in this case it was a bit different.
During the upgrade from vidm 3.3.2 to 3.3.3 or 3.3.4, the underlying SLES OS is replaced by Photon. It does however leave the old grub bootloader in place. There is quite some information to be found around resetting root passwords like the following KB’s and documentation;
- VMware KB2001476 – How to reset the root password in vRealize Operations.
- VMware KB76530 – Resetting the root password on Photon based appliance in vRealize Automation 8.x.
- VMware Docs – How do I reset the root password for vRealize Automation.
- Photon Docs – Resetting a lost root password.
However, none of those where complete, causing some confusion about how to tackle this problem. I hope the information below helps.
First of all, Open a (remote) Console to your vidm appliance and (re)start the system. This will show the grub bootloader with a single Photon 3.0 entry.
- Type <p> and enter the password: H0rizon! (yes seriously…)
- Select the second line, the one that starts with kernel and type <e> to edit.
- Add the following at the end of the line (the line the ends with audit=1): rw init=/bin/bash and press <ENTER> (otherwise your changes are not saved)
- Back in the menu press <b> to boot.
- You will now end up with a shell prompt, from where you can change the password with the passwd command.
bvidm:~ # passwd New password: Retype new password:
- You may also want to change the password settings with the chage command.
bvidm:~ # chage -I -1 -m 0 -M 9999 -E -1 Aging information changed. bvidm:~ # chage -l Minimum: 0 Maximum: 9999 Warning: 7 Inactive: -1 Last Change: Apr 19, 2021 Password Expires: Sep 03, 2048 Password Inactive: Never Account Expires: Never
Note that if you set the maximum password higher than 9999, it will be set to “never expires”. VIDM does not seem to like never expires and I had some issues during past upgrades.
- Reboot the VIDM (via vCenter)
Depending on your situation you now have to update vRSLCM to use the correct root password.
- Login to vRSLCM and go to Locker, Password.
- Create a new password entry for your vidm root account.
- Go back to lifecycle operations and select the globalenvironment. Click view details and click Trigger Inventory Sync:
If the passwords do not match an LCMCOMMON80063 error is thrown.
- Click Details and click the retry button.
You can now remove the current password (installerPassword in this case) and add your newly create vidm root password from the Locker.
- Click Close and Submit. Everything should go fine from here.
In case that the sshuser account is also wrong, you will get another error message. Advice is to pay close attention to the hostname and account that is in the error message. To update/change the sshuser password, you can use the same procedure (create Locker entry and update pass).