How to Reset the Root Password in VMware Aria Operations (formerly vRealize Operations)
search cancel

How to Reset the Root Password in VMware Aria Operations (formerly vRealize Operations)

book

Article ID: 325005

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

This article provides steps to reset the Aria Operations (formerly known as vRealize Operations) root password.

  • In Aria Operations, when you log in to the console of the virtual application for the first time, you are forced to set a root password.
Note: The default root password is blank.  Simply press the enter key when prompted for the first time.
  • The Aria Operations console root password can be different than the admin account password that you set when configuring the Aria Operations Primary node.


Environment

VMware vRealize Operations 8.10.x
VMware vRealize Operations 8.6.x
VMware vRealize Operations 8.0.x
VMware vRealize Operations Manager 7.5.x
VMware vRealize Operations 8.x
VMware vRealize Operations Manager 6.x
VMware Aria Operations 8.14.x
VMware vRealize Operations 8.4.x
VMware vRealize Operations 8.2.x
VMware vRealize Operations Manager 7.0.x
VMware vRealize Operations 8.1.x
VMware vRealize Operations 8.5.x
VMware vRealize Operations 8.3.x
VMware Aria Operations 8.12.x
Aria Operations 8.18.x

Resolution

Process to reset the root password in VMware Aria Operations:




To reset root password in VMware Aria Operations follow the steps below.

  1. Log into the VMware Aria Operations admin UI as the local admin user. 
  2. Click Take Offline under Cluster Status.
Notes:
  • Wait for Cluster Status to show as Offline.
  • While only the target node needs to be taken offline, to avoid cluster issues it is recommended to take the entire cluster offline instead.
  1. In the vSphere Client, open the console of the desired node.
  2. With the console open, restart or power on the virtual machine.
  3. When the GRUB loader menu appears, immediately press the e key to enter edit mode.
Notes:
  • Press the up and down arrow keys even if the option appears to already be selected. Otherwise, the machine continues to boot, and you have to start over.
  • The cursor appears at the end of a line of boot options near the bottom of the display.
  • If you cannot reach the boot menu before it disappears, enable Force BIOS setup in the Virtual Machine's Settings > VM Options > Boot Options and reboot.
 
       6. Add a space at the end of the line (after elevator=noop), then type rw init=/bin/bash which adds another option to the line.
  1. Press F10 to start virtual appliance in single-user mode.
Then from step 8 follow the steps based on the installed Aria Operations version:
 
VMware Aria Operations 8.0.x - 8.12.xVMware Aria Operations 8.14.x - above

8. Type passwd root and follow the prompts to create a new root password

Note: If the above command fails, try running sudo passwd root instead.
8. At the prompt type, after successful boot, run the following command to mount the root partition
mount -o remount,rw /
9. To unlock the root account,
open /etc/pam.d/system-auth in a
text editor.

9. Type passwd root and follow the
prompts to create a new root password.

Note: If the above command fails, try running 
sudo passwd root instead.

10. Comment out the following line by
adding a # in front of it:
auth    required  
 pam_tally2.so onerr=fail
deny=3 unlock_time=900
root_unlock_time=900
file=/var/log/tallylog


Example: #auth    required  
 pam_tally2.so onerr=fail
deny=3 unlock_time=900
root_unlock_time=900
file=/var/log/tallylog
10. To unlock the root account run the
following command to unlock it

/usr/sbin/faillock --user
root --reset
11. Save and close the file.11. Type umount / and press Enter.
12. Type sync and press Enter to flush the data to disk.12. Type reboot -f and press Enter.

Note: If the reboot command fails, restart the Virtual Machine through vSphere.
13. Type umount / and press Enter. 
14. Type reboot -f and press Enter.

Note: If the reboot command fails, restart the Virtual Machine through vSphere.
 
15. In the vSphere Client, reopen the console of the desired node and login using root. 
16. Run the following command:
pam_tally2 --user root --reset

Note: This command may need to be run
twice. 
 
17. Open /etc/pam.d/system-auth in
a text editor.
 
18. Uncomment the line from step 11 by
removing the # in front of it.

Example: auth    required  
 pam_tally2.so onerr=fail
deny=3 unlock_time=900
root_unlock_time=900
file=/var/log/tallylog
 
19. Save and close the file. 
 
After following above steps please bring the cluster back to Online status following below steps :

1. Log into the VMware Aria Operations admin UI as the local admin user.    
2. Click Bring Online under Cluster Status.
Note: Wait for Cluster Status to show as Online.

Additional Information

To check if the root account is locked, complete the following while in single user mode. 
Note: Running the passwd command from the steps above will unlock the root account, so this step not required if passwd has already been run.

  • Type passwd -S root to determine if the root account is locked.
Note: If the account is not locked, you will see PS next to the username.  If the account is locked, you will see LK next to the username.

Example
Unlockedroot PS 01/24/2019 0 365 7 -1
Lockedroot LK 01/24/2019 0 365 7 -1



For information on resetting the admin password, see How to Reset the Admin Password in Aria Operations.