VMware Workspace One Access and IDM, resetting admin and configurator passwords
Article ID: 322720
Updated On:
Products
Issue/Introduction
- Login as local admin to Workspace One Access or Identity Manager admin UI fails.
- Login as local admin to Workspace One Access or Identity Manager Configurator UI fails.
- Inventory sync in Aria Suite Lifecyle is fails.
- You see an error similar to
- You may also see Error Code: LCMVIDM71059
Failed to promote default configuration user as an admin. Retry after providing necessary details.
Failed to promote local user to tenant admin on vIDM host XXXXXX Exception message: vIDM GET Association Ruleset failed with status code : 401. API Response : Unauthorized
Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment
Environment
VMware Identity Manager 3.3.x
Cause
Resolution
To reset the System Admin Password (Port 8443) password, you can either login to the following URL as admin and reset the password:
https://<idm-FQDN>:8443/cfg/changePassword
To reset Admin (443) , log into the appliance as sshuser followed by root and run this command to reset the password(s):
Additional Information
VMware Identity Manager (3.3.x)
1. vRSLCM on VCF mode.
Please consider the following docs and the summary table.
- Rotate passwords – VMware Cloud Foundation Administration Guide. This document indicates what passwords are managed on SDDC manager.
- Remediate Passwords – VMware Cloud Foundation Administration Guide
| Username | Can be changed on vRLSCM? |
Managed by SDDC (password rotation tool) |
How to reset it? |
| admin (port 443) | - | Yes | SDDC Manager |
| root | - | Yes | SDDC Manager |
| Default Configuration Admin password | - | No |
Article: Resetting VMware Identity Manager Default Configuration Admin password |
| admin (port 8443) | Yes | No |
Option 1. SSH to vIDM and run the following command /usr/sbin/hznAdminTool setSystemAdminPassword --pass <newpassword> Option 2. Access the following portal and reset the admin password: https://<idm-FQDN>:8443/cfg/changePassword |
| sshuser | Yes | No |
SSH to vIDM using root credentials and then change the password running passwd sshuser |
Important: If the Default Configuration Admin, admin (8443) and sshuser password are updated outside of vRSLCM follow this kb in order to update the passwords in Locker: Remediating passwords updated outside of VMware Aria Suite Lifecycle
Note in case having a problem updating the root or admin password please open a Support Request (SR) to the VMware Cloud Foundation team.
2. vRSLCM on non-VCF mode.
| Username | Can be changed on vRSLCM? | How to reset the password? |
| admin (port 443) | Yes, follow Changing passwords on Worspace One Access (vIDM) using VMware Aria Suite Lifecycle |
SSH to vIDM and run the following command /usr/sbin/hznAdminTool setOperatorPassword --pass <newpassword> |
| root | Yes, follow Changing passwords on Worspace One Access (vIDM) using VMware Aria Suite Lifecycle | The vRA steps can be followed How do I reset the root password for VMware Aria Automation |
| Default configurator admin | - |
Articles: Resetting VMware Identity Manager Default Configuration Admin password |
| admin (port 8443) | Yes, follow Changing passwords on Worspace One Access (vIDM) using VMware Aria Suite Lifecycle |
Option 1. SSH to vIDM and run the following command /usr/sbin/hznAdminTool setSystemAdminPassword --pass <newpassword> Option 2. Access the following portal and reset the admin password: https://<idm-FQDN>:8443/cfg/changePassword |
| sshuser | Yes, follow Changing passwords on Worspace One Access (vIDM) using VMware Aria Suite Lifecycle |
SSH to vIDM using root credentials and then change the password running passwd sshuser |
Important: If the Default Configuration Admin, admin (8443) and sshuser password are updated outside of vRSLCM follow this kb in order to update the passwords in Locker: Remediating passwords updated outside of VMware Aria Suite Lifecycle
Feedback
