Resetting forgotten vCenter SSO password - "User account is locked. Please contact your administrator"
search cancel

Resetting forgotten vCenter SSO password - "User account is locked. Please contact your administrator"

book

Article ID: 326186

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • This article outlines how to reset a forgotten or locked vCenter SSO password ([email protected])

  • After three failed login attempts, the account is automatically locked with the error:

          "User account is locked. Please contact your administrator." 

Environment

VMware vCenter Server 8.x

Resolution

Follow the procedure below to unlock the account and perform a password reset.

Process to Unlock SSO Password

To unlock an account using another session or using another user account with SSO administrator privileges:

  1. Click Home.
  2. Click Administration.
  3. Click Single Sign-On > Users and Groups.
  4. Click the Users tab.
  5. Right-click the affected user account and click Unlock.
Note: Unlock the account using another session that is still logged into the PSC server or using another user account with SSO administrator privileges. Reset the password using below steps, if you do not have any other SSO Admin accounts to unlock the Administrator Account (Reset process will automatically Unlock the account).

In emergency situations or if the default policies are changed, you can also reset the password to unlock the account.

On the vCenter Server with Embedded Platform Services Controller Appliance
  1. Log in to vCenter Server Appliance using SSH as the root user.
  2. Run this command to enable access the Bash shell:

    shell.set --enabled true
     
  3. Type shell and press Enter.
  4. Run /usr/lib/vmware-vmdir/bin/vdcadmintool
    Note: This utility is available only on External PSC node or vCenter Server with Embedded PSC, executing the command on Management node will fail with "No such file or directory" error.
    This console loads:
 
  1. Press 3 to enter the "Reset account password" option.
  2. When prompted for the Account UPN, enter:

    User@vSphere_Domain_Name.local (Example - [email protected])

    A new password is generated.

    Note: If your vSphere Domain name is customized, provide the customized domain name.
     
  3. Use the generated password to log in to the User@vSphere_Domain_Name.local account.
  4. After the password is regenerated, log in to the vSphere Web Client and change the password.

 

Additional Information



Powered by Wolken Software