This article shows one of the reason why you always should follow best practices while configuring any environment. Here I will take a reference of my earlier blog . Few days back I received one personal project to work on, There was an issue, clients were wanted to perform some activity on Esxi ssh putty, but they forgot or unaware of the root password. Task was to reset the forgotten esxi root password, While troubleshooting I found Esxi servers are joined into active directory domain and were part of the vCenter. As this gives me chance to login into ESXi directly using AD user account and perform further activities without any risk of loosing anything.
ESXi 3.5, ESXi 4.x, ESXi 5.x and ESXi 6.x
Reinstalling the ESXi host is the only supported way to reset a password on ESXi. Any other method may lead to a host failure or an unsupported configuration due to the complex nature of the ESXi architecture. ESXi does not have a service console and as such traditional Linux methods of resetting a password, such as single-user mode.
POWERCLI AND VSPHERE WEB CLIENT: JOIN ESXI INTO ACTIVE DIRECTORY DOMAIN CONTROLLER
- Use portal https://esxiip_fqdn/ui or vsphere client to login into esxi.
- From left side menu in the Navigator pane, under Host select Manage.
- Click Security & Users tab and select users.
- It will list all the local users in esxi, select root from the list.
- Click pencil icon, edit user,
- Change password by saving it.
Same task can be performed using vmware powercli, to know more on configuring powercli check VMWARE VSPHERE POWERCLI INSTALLATION AND CONFIGURATION STEP BY STEP. Login to the individual Esxi server using command Connect-VIServer Esxi001.
To reset root password use Set-VMHostAccount -UserAccount root -Password [email protected]. Make sure while resetting password through powercli you are using complex password, Other wise it will throw below error. Same restriction is applied while logging through web client.
Set-VMHostAccount : 8/25/2017 4:31:54 PM Set-VMHostAccount A general system error occurred: Weak password: not enough different characters or classes. Weak password: not enough different characters or classes.
At line:1 char:1
+ Set-VMHostAccount -UserAccount root -Password [email protected]
+ CategoryInfo : NotSpecified: (:) [Set-VMHostAccount], SystemError
+ FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_NewVmHostGroupAccount_ViError,VMware.VimAutomation.
This post first appeared on Tales From Real IT System Administrators World And Non-production Environment, please read the originial post: here