Recently I got assigned one of the VMware project, while taking handover I found Esxi root passwords are not documented properly for the VMware infrastructure project, Luckily 40% Esxi Host were joined into domain and I was able to reset password using Reset forgotten ESXi root password on Domain joined Esxi using vSphere web client and Powercli with few AD changes (group creation), Next thing was on the remaining server where servers are not in domain, there is second way to reset Esxi root password using vCenter host profiles (only the condition is Esxi server must be added to Vmware vCenter server (POWERCLI - CREATE DATACENTER AND ADD ESXI HOST IN VCENTER).
VMware Host Profiles accessible through VMware vCenter Server, it is kind of ESXi template, permits you to create typical configurations for VMware ESXi hosts and to automate compliance to these configurations, streamlining functioning management of across-the-board environments and dropping faults produced by mis-configurations.
To open host profile view on the VMware vSphere Web Client, click home icon, In the Operations and Policies choose Host Profiles.
My very first task is to create a standard profile from existing host. In the Host Profiles, On the right side, objects tab, click green + plus button - Extract profile from a host. In the Select Host, Click any of one esxi host. Go to next button.
On the Name and Description wizard, Enter the meaningful name and description (optional) for the profile, on the last page Ready to complete page review settings and finish wizard.
You can list the newly created Reset_Root_Password ESXi under host profiles, right click on it and go to Edit Settings. On the Edit host profile page wizard, uncheck all the checkboxes on the options and only keep the check box on Security and Services \ Security Settings \ Security \ User Configuration \ root. Here on the Password section from drop down menu choose Fixed password configuration and type your password twice, finish the wizard.
Here again right click on the Reset_Root_Password host profile, click Attach/Detach Hosts and Clusters, In the Select Host/Clusters, choose cluster or ESXi server in the list, and hit Attach button and you will see the corresponding entity is moved from left to right. There are no configurable item on the Customize hosts, leave it unchecked and it says none of the hosts require additional customizations.
You can use same actions and wizard by selecting ESXi host or cluster, right click server, from the context menu select Host profiles and you will see same related menu. From Host and clusters view I will remediate esxi server.
Another wizard launches and here esxi host is already selected for remediate, Review the remediation tasks that will be executed on the hosts below once the wizard is complete. To see if the selected hosts are ready for remediation and how it will affect them use "Pre-check Remediation". The operation might take more than a minute. After clicking the button State/Tasks from Not checked to Green icon with Ready to remediate.
When tested One thing to be note, This task reseting root password, doesn't require reboot or host need to be put into maintenance mode.
Rebooting Hosts: Some hosts might require a reboot to complete the remediation process. If you wish to manually reboot hosts at the end of the process deselect the checkbox.
Once you apply host configurations, Pre-check Remediation all the task are listed in the recent tasks and can be viewed, they are successfully applied with no error and without reboot. To verify I used putty to SSH to view if new reseted password is working. VMWARE SECURITY BEST PRACTICES: POWERCLI ENABLE OR DISABLE ESXI SSH
INSTALLING AND CONFIGURING ESXI EMBEDDED WEB CLIENT
ESXI VIB SOFTWARE INSTALLATION ERROR
ESXI 6.5 UPGRADE INSTALLATION AND UI HTML WEB CLIENT
This post first appeared on Tales From Real IT System Administrators World And Non-production Environment, please read the originial post: here