Retrieve the service accounts credentials from SDDC Manager
search cancel

Retrieve the service accounts credentials from SDDC Manager

book

Article ID: 327195

calendar_today

Updated On:

Products

VMware Cloud Foundation

Issue/Introduction

This article provides the steps to retrieve the ESXi service accounts from SDDC Manager.

Symptoms:
Unable to SSH into an ESXi host with the stored root credentials on SDDC.

Environment

VMware Cloud Foundation 4.x
VMware Cloud Foundation 5.x

Resolution

1.SSH into the SDDC Manager
2.Elevate to root with su
3.Create a token on the SDDC Manager. (You will need to update the password value)

TOKEN=$(curl -d '{"username" : [email protected], "password" : "updatepassword"}' -H "Content-Type: application/json" -X POST http://127.0.0.1/v1/tokens | jq -r '.accessToken')

4.Pull the credentials from SDDC.

curl -k -X GET -H "Authorization: Bearer "$TOKEN"" --insecure 'https://localhost/v1/system/credentials/service' | json_pp | less

5.Record the service name and the password from the output.
   {
      "serviceType" : "SDDC_MANAGER",
      "entityId" : "91894bc0-eac5-4707-98fe-a2f2a4678251",
      "username" : "svc-vcf-xxxxx-xx",
      "id" : "688d8117-a4d3-4b41-8ec4-6c302a61ad5e",
      "entityType" : "ESXI",
      "targetType" : "ESXI",
      "serviceId" : "2f7a158d-e299-4793-b294-9e3c0c0dcb79",
      "secret" : "xxxxxxxxxxxxxxxxx",
      "credentialType" : "SSH",
      "creationTime" : 1652959021796,
      "modificationTime" : 1652959021796


Additional Information

Once you have the service account password you can connect to the ESXi host to clear out a root lockout or to reset the root password.