How to unlock and reset SSO administrator password in vSphere 5.1
search cancel

How to unlock and reset SSO administrator password in vSphere 5.1

book

Article ID: 315378

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

You must unlock and reset the vCenter Single Sign-On (SSO) password in vSphere 5.1 if you have entered an incorrect password for three times and you see the error:
 
User account is locked. Please contact your administrator.

To know the process for 6.X see: Unlock and reset SSO password in vSphere 6.x
Also see the process to: Reset the vCenter SSO Administrator Password when SSO administrator is locked or expired  


Environment

VMware vCenter Server Appliance 5.1.x
VMware vCenter Server 5.1.x

Resolution

To unlock the account using another session that is still logged into the SSO server or using another user account with SSO administrator privileges:
  1. Click Home.
  2. Click Administration.
  3. Click SSOUsersandGroups.
  4. Right-click the affected user account,such as admin, and click Unlock.
In emergency situations or if the default policies are changed, you can also reset the password to unlock the account.

Note: Resetting the password does not change the master password for vCenter Single Sign-On 5.1. The master password is stored in the database and can only be changed by re-installing vCenter Single Sign-On 5.1 with a fresh back-end database. This procedure only generates a secondary password for the admin@system-domain to utilize. The master password continues to remain the same.

To reset the admin@system-domain password:
 
On a Windows server
  1. Log in as an administrator to the vCenter SSO server.
  2. Click Start > Run, type cmd, and click OK.
  3. Navigate to the SSOInstallDirectory\utils directory. By default, the installation directory is C:\Program Files\VMware\Infrastructure\SSOServer\utils.
     
  4. Run rsautil reset-admin-password.
  5. Enter the master password when prompted.

    Note: This is the password selected for the SSO administrator during the SSO installation. If you have changed your SSO administrator password later, the master password is still the original one selected.
     
  6. If the command fails to prompt for the master password, run this command that includes all switches:

    rsautil reset-admin-password --master-pwd "master_password"--admin-name admin --admin-pwd new_password
     
  7. Enter the SSO administrator name for which you want to reset the password. For example, admin.
  8. Enter the new password for the user and then reconfirm the same. Ensure that the new password is compliant with VMware's list of unsupported character. For more information, see vSphere 5.1 Single Sign On (SSO) installation fails with error: Error 29133. Administrator login error. (2035820).

    You see the message:

    Password reset successfully.
On the vCenter Server Appliance
  1. Log in as root to the vCenter server Appliance.
  2. From the command line, navigate to /usr/lib/vmware-sso/utils directory.
  3. Run ./rsautil reset-admin-password.
  4. Enter the master password when prompted.

    Note: By default, this is the root password.
     
  5. Enter the SSO administrator name for which you want to reset the password. For example, admin.
  6. Enter the new password for the user and then reconfirm the same. Ensure that the new password is compliant with VMware's list of unsupported character.

    You see the message:

    Password reset successfully.


Additional Information

如何在 vSphere 5.1 中解锁并重置 SSO 管理员密码
vSphere 5.1 で SSO 管理者パスワードをロック解除してリセットする方法