How to Reset the Root Password in VMware Aria Operations (formerly vRealize Operations)
searchcancel
How to Reset the Root Password in VMware Aria Operations (formerly vRealize Operations)
book
Article ID: 325005
calendar_today
Updated On: 07-01-2025
Products
VMware Aria Suite
Issue/Introduction
This article provides steps to reset the Aria Operations (formerly known as vRealize Operations) root password.
If the root password for VMware Aria Operations is forgotten, login attempts with an incorrect password will result in a "Login Incorrect" or "Access Denied" error. This article provides the steps to securely reset the root password.
In Aria Operations, when you log in to the console of the virtual application for the first time, you are forced to set a root password.
Note: The default root password is blank. Simply press the enter key when prompted for the first time.
The Aria Operations console root password can be different than the admin account password that you set when configuring the Aria Operations Primary node.
Process to reset the root password in VMware Aria Operations:
To reset root password in VMware Aria Operations follow the steps below.
Log into the VMware Aria Operations admin UI as the local admin user.
Click Take Offline under Cluster Status.
Notes:
Wait for Cluster Status to show as Offline.
While only the target node needs to be taken offline, to avoid cluster issues it is recommended to take the entire cluster offline instead.
In the vSphere Client, open the console of the desired node.
With the console open, restart or power on the virtual machine.
When the GRUB loader menu appears, immediately press the e key to enter edit mode.
Notes:
Press the up and down arrow keys even if the option appears to already be selected. Otherwise, the machine continues to boot, and you have to start over.
The cursor appears at the end of a line of boot options near the bottom of the display.
If you cannot reach the boot menu before it disappears, enable Force BIOS setup in the Virtual Machine's Settings > VM Options > Boot Options and reboot.
6. Add a space at the end of the line containing elevator=noop, then type rw init=/bin/bash which adds another option to the line.
Press F10 to start virtual appliance in single-user mode.
Then from step 8 follow the steps based on the installed Aria Operations version:
VMware Aria Operations 8.0.x - 8.12.x
VMware Aria Operations 8.14.x - above
8. Type passwd root and follow the prompts to create a new root password
Note: If the above command fails, try running sudo passwd root instead.
8. At the prompt type, after successful boot, run the following command to mount the root partition
mount -o remount,rw /
9. To unlock the root account, open /etc/pam.d/system-auth in a text editor.
9. Type passwd root and follow the prompts to create a new root password.
10. Comment out the following line by adding a # in front of it: auth required pam_tally2.so onerr=fail deny=3 unlock_time=900 root_unlock_time=900 file=/var/log/tallylog
After following above steps please bring the cluster back to Online status following below steps :
1. Log into the VMware Aria Operations admin UI as the local admin user. 2. Click Bring Online under ClusterStatus. Note: Wait for Cluster Status to show as Online.
Additional Information
Password Requirements:
At least 8 characters long
1 Uppercase
1 Lowercase
1 number
1 Special character from this list: !@#$%^&*+=
To check if the root account is locked, complete the following while in single user mode. Note: Running the passwd command from the steps above will unlock the root account, so this step not required if passwd has already been run.
Type passwd -S root to determine if the root account is locked.
Note: If the account is not locked, you will see PS next to the username. If the account is locked, you will see LK next to the username.
If the nodes are connected with SDDC Manager on VMware Cloud Foundation and the root password has been reset outside of SDDC Manager:
Operations nodes are disconnected in SDDC manager. Password rotation, upgrade, or remediation could not previously be performed from the SDDC. Password is now known and SSH access is possible. Root account is not locked (because this KB was followed to reset the password). Please use the guide to Remediate the password in SDDC Manager: Remediate Passwords