To unlock the account using another session that is still logged into the SSO server or using another user account with SSO administrator privileges:
- Click Home.
- Click Administration.
- Click SSOUsersandGroups.
- Right-click the affected user account,such as admin, and click Unlock.
In emergency situations or if the default policies are changed, you can also reset the password to unlock the account.
Note: Resetting the password does not change the master password for vCenter Single Sign-On 5.1. The master password is stored in the database and can only be changed by re-installing vCenter Single Sign-On 5.1 with a fresh back-end database. This procedure only generates a secondary password for the
admin@system-domain to utilize. The master password continues to remain the same.
To reset the
admin@system-domain password:
On a Windows server
- Log in as an administrator to the vCenter SSO server.
- Click Start > Run, type cmd, and click OK.
- Navigate to the SSOInstallDirectory\utils directory. By default, the installation directory is C:\Program Files\VMware\Infrastructure\SSOServer\utils.
- Run rsautil reset-admin-password.
- Enter the master password when prompted.
Note: This is the password selected for the SSO administrator during the SSO installation. If you have changed your SSO administrator password later, the master password is still the original one selected.
- If the command fails to prompt for the master password, run this command that includes all switches:
rsautil reset-admin-password --master-pwd "master_password"--admin-name admin --admin-pwd new_password
- Enter the SSO administrator name for which you want to reset the password. For example, admin.
- Enter the new password for the user and then reconfirm the same. Ensure that the new password is compliant with VMware's list of unsupported character. For more information, see vSphere 5.1 Single Sign On (SSO) installation fails with error: Error 29133. Administrator login error. (2035820).
You see the message:
Password reset successfully.
On the vCenter Server Appliance
- Log in as root to the vCenter server Appliance.
- From the command line, navigate to /usr/lib/vmware-sso/utils directory.
- Run ./rsautil reset-admin-password.
- Enter the master password when prompted.
Note: By default, this is the root password.
- Enter the SSO administrator name for which you want to reset the password. For example, admin.
- Enter the new password for the user and then reconfirm the same. Ensure that the new password is compliant with VMware's list of unsupported character.
You see the message:
Password reset successfully.