How to change vCenter Server Service account in vCenter Server 6.5/6.7

search cancel

How to change vCenter Server Service account in vCenter Server 6.5/6.7

book

Article ID: 307587

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

vCenter Services in vCenter Server 6.5/6.7 are controlled by vmon service. If the windows vCenter service account need to be changed for a particular service it need to be updated through vmon.

The KB explain on how to change vCenter Server Service account in vCenter Server 6.5/6.7

Environment

VMware vCenter Server 6.5.x
VMware vCenter Server 6.7.x

Resolution

Ensure The domain user account has below rights configured under ' Windows Administrative Tools -> Local Security -> Local Policies -> User Rights Management'( A reboot is required for change to take effect).
- Logon as Service
- Act as part of the operating system
- Replace a process level token

Follow the steps below to change service account:

1. Stop the vCenter Server services.Open the command prompt as Administrator on the vCenter server machine.
  - cd C:\Program Files\VMware\vCenter Server\bin
  - service-control --stop --all
2. Change the logon system account for VMware Afd Service , VMware Life Cycle Manger Service and VMware vCenter Configuration Service to the desired domain account
3. Start vMon Service only on vCenter Server via Command.
  
  service-control --start vmware-vmon
4. Update the password for the domain account in vmon using the command.Navigate to the default location C:\Program Files\VMware\vCenter Server\vmon\.
  
  vmon.exe -P username@domain
5. List the service which require update using
  
  vmon-cli.exe -l
6. Update each service to be run as service account user account from command line.

vmon-cli.exe -U cis-license --runasuser username@domain
vmon-cli.exe -U cm --runasuser username@domain
vmon-cli.exe -U content-library --runasuser username@domain
vmon-cli.exe -U eam --runasuser username@domain
vmon-cli.exe -U imagebuilder --runasuser username@domain
vmon-cli.exe -U mbcs --runasuser username@domain
vmon-cli.exe -U netdumper --runasuser username@domain
vmon-cli.exe -U perfcharts --runasuser username@domain
vmon-cli.exe -U rbd --runasuser username@domain
vmon-cli.exe -U rhttpproxy --runasuser username@domain
vmon-cli.exe -U sca --runasuser username@domain
vmon-cli.exe -U sps --runasuser username@domain
vmon-cli.exe -U vapi-endpoint --runasuser username@domain
vmon-cli.exe -U vmcam --runasuser username@domain
vmon-cli.exe -U vmonapi --runasuser username@domain
vmon-cli.exe -U vmsyslogcollector --runasuser username@domain
vmon-cli.exe -U vpxd --runasuser username@domain
vmon-cli.exe -U vpxd-svcs --runasuser username@domain
vmon-cli.exe -U vsan-health --runasuser username@domain
vmon-cli.exe -U vsm --runasuser username@domain
vmon-cli.exe -U vsphere-client --runasuser username@domain
vmon-cli.exe -U vsphere-ui --runasuser username@domain

Note: If the vCenter Server service is using Microsoft SQL as the vCenter Database and Windows Integrated Authentication is used in ODBC configuration, Additional steps are required:

For more information Changing the vCenter Server database user ID and password

Feedback

thumb_up Yes

thumb_down No