Unable to log in with root account on the vCenter Server Virtual Appliance when using an external vCenter Single Sign-On server
Article ID: 310170
Updated On:
Products
VMware vCenter Server
Issue/Introduction
Symptoms:
- You are unable to log in to vCenter Server Virtual Appliance (VCSA) with the root account.
- You are able to log in to the virtual appliance management interface (VAMI) with the root account.
- This issue can occur after you upgrade your VCSA from vSphere 5.0 to vSphere 5.1 or 5.5.
- This issue occurs if you select an external, Windows-based vCenter Single Sign-On (SSO) instance when performing the vSphere upgrade.
Environment
VMware vCenter Server Appliance 5.5.x
VMware vCenter Server Appliance 5.0.x
VMware vCenter Server Appliance 5.1.x
VMware vCenter Server Appliance 5.0.x
VMware vCenter Server Appliance 5.1.x
Cause
This issue occurs because the Windows Server implementation of vCenter Single Sign-On does not have a root account by default. Therefore it does not pass the token for the root account back to the VCSA.
Resolution
This is a known issue affecting VMware vCenter Server Appliance 5.5. Currently, there is no resolution.
To work around this issue, create a local account named root under the Local User and Groups on the external vCenter Single Sign-On instance.
To create a local root account on the external vCenter Single Sign-On instance:
To work around this issue, create a local account named root under the Local User and Groups on the external vCenter Single Sign-On instance.
To create a local root account on the external vCenter Single Sign-On instance:
- Log in to the external vCenter Single Sign-On server with an administrator account.
- Click Start > Run.
- Type lusrmgr.msc and click OK.
- Click the Users folder in the left pane.
- In the right pane, right-click on a blank area and click New User.
- In the User name field, type root.
- In the Password and Confirm Password fields, type the password you used previously on the VCSA.
- Deselect User must change password at next logon.
Note: This creates the root@LocalOS user.
- Click Create.
- Log in to the VCSA with the new root account.
Additional Information
If you experience this issue when using the local instance of vCenter Single Sign-On on the vCenter Server Appliance, see vCenter Server Appliance 5.5 root account locked out after password expiration (2069041).
Unable to log in to the root account of vCenter Server Appliance
Unable to log in to the root account of vCenter Server Appliance
Feedback
Yes
No
Powered by
