How to unlock the VCF/Root accounts in VMware SDDC Manager after too many incorrect login attempts

search cancel

How to unlock the VCF/Root accounts in VMware SDDC Manager after too many incorrect login attempts

book

Article ID: 313483

calendar_today

Updated On:

Products

VMware Cloud Foundation

Issue/Introduction

This article helps to regain access to locked out account.
User accounts locked due to various incorrect log in attempts.

Environment

VMware Cloud foundation 5.x
VMware Cloud Foundation 3.x
VMware Cloud Foundation 4.x

Cause

User accounts locked due to various incorrect log in attempts.

Resolution

This issue can occur due to multiple incorrect login attempts. Its not a bug rather by design. KB is present to regain access.

Workaround:

To unlock the VCF account, please use the steps mentioned below:

In a Web Browser, log into the vCenter Web Client.
Navigate to, and open a VM console, to VMware SDDC Manager VM.
From the console, log in with the root account.
Run the following command to reset the VCF account:

For VCF versions up to VCF 5.0.0.1(Photon OS 3.0), use

pam_tally2 --reset --user vcf
pam_tally2 --reset --user root

For VCF versions starting from VCF 5.1.0.0(Photon OS 4.0 onwards), use

faillock --reset --user vcf
faillock --reset --user root

Reset the password of the VCF account or the root account using the command below and enter a new password when prompted:

passwd vcf
passwd root

Verify that the VCF account is now able to login by attempting a new SSH session.

Additional Information

To reset the root password for the SDDC Manager when the root password is locked out or unknown, refer to the following KB:

How to reset the VRM, SDDC Manager Controller, SDDC Manager Utility, VIA or Cloud Builder root user password(330357)

Feedback

thumb_up Yes

thumb_down No