VMware Workspace One Access and IDM, resetting admin and configurator passwords
Article ID: 322720
Updated On:
Products
Issue/Introduction
- Login as local admin to Workspace One Access or Identity Manager admin UI fails.
- Login as local admin to Workspace One Access or Identity Manager Configurator UI fails.
- Inventory sync in Aria Suite Lifecyle Manager is failing
- You see an error similar to
- You may also see Error Code: LCMVIDM71059
Failed to promote default configuration user as an admin.Retry after providing necessary details.
Failed to promote local user to tenant admin on vIDM host XXXXXX Exception message: vIDM GET Association Ruleset failed with status code : 401. API Response : Unauthorized
Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment
Cause
Resolution
- https://<idm-FQDN>:8443/cfg/changePassword
Or log into the appliance as sshuser followed by root and run this command to reset the password(s):
- For the Admin UI (https://<vIDM FQDN>/SAAS/login/0) (port 443). Here, the account "admin" is used for login:
- For the Configurator UI (port 8443):
Additional Information
VMware Identity Manager (3.3.x)
1. vRSLCM on VCF mode.
Please consider the following docs and the summary table.
- Rotate passwords – VMware Cloud Foundation Administration Guide. This document indicates what passwords are managed on SDDC manager.
- Remediate Passwords – VMware Cloud Foundation Administration Guide
| Username | Can be changed on vRLSCM? |
Managed by SDDC (password rotation tool) |
How to reset it? |
| admin (port 443) | - | Yes | SDDC Manager |
| root | - | Yes | SDDC Manager |
| Default Configuratorion admin password | No yet, feature request VRLSCM-I-219 | No |
Article: Resetting VMware Identity Manager Default Configuration Admin password |
| admin (port 8443) | yes | No | /usr/sbin/hznAdminTool setSystemAdminPassword |
| sshuser | yes | No |
SSH to vIDM using root credentials and then change the password running passwd sshuser |
Important: If the Default Configuration Admin, admin (8443) and sshuser password are updated outside of vRSLCM follow this kb in order to update the passwords in Locker: Remediating passwords updated outside of VMware Aria Suite Lifecycle
Note in case having a problem updating the root or admin password please open a Support Request (SR) to the VMware Cloud Foundation team.
2. vRSLCM on non-VCF mode.
| Username | Can be changed on vRSLCM? | How to reset the password? |
| admin (port 443) | Yes, follow Changing passwords on Worspace One Access (vIDM) using VMware Aria Suite Lifecycle |
Option 1. SSH to vIDM and run the following command /usr/sbin/hznAdminTool setOperatorPassword --pass <newpassword> Option 2. Accesss the following portal and reset the admin password: https://<idm-FQDN>:8443/cfg/changePassword |
| root | Yes, follow Changing passwords on Worspace One Access (vIDM) using VMware Aria Suite Lifecycle | The vRA steps can be followed How do I reset the root password for VMware Aria Automation |
| Default configurator admin | No yet, feature request VRLSCM-I-219 |
Articles: Resetting VMware Identity Manager Default Configuration Admin password |
| admin (port 8443) | Yes, follow Changing passwords on Worspace One Access (vIDM) using VMware Aria Suite Lifecycle |
SSH to vIDM and run the following command /usr/sbin/hznAdminTool setSystemAdminPassword --pass <newpassword> |
| sshuser | Yes, follow Changing passwords on Worspace One Access (vIDM) using VMware Aria Suite Lifecycle |
SSH to vIDM using root credentials and then change the password running passwd sshuser |
Important: If the Default Configuration Admin, admin (8443) and sshuser password are updated outside of vRSLCM follow this kb in order to update the passwords in Locker: Remediating passwords updated outside of VMware Aria Suite Lifecycle
Feedback
