Retrieve the service accounts credentials from SDDC Manager
search cancel

Retrieve the service accounts credentials from SDDC Manager

book

Article ID: 327195

calendar_today

Updated On:

Products

VMware Cloud Foundation VMware SDDC Manager

Issue/Introduction

  • Unable to SSH into an ESXi host with the stored root credentials on SDDC.

  • This article provides the steps to retrieve the ESXi service accounts from SDDC Manager.

Resolution

  

  1. SSH into the SDDC Manager with vcf user and su to root

  2. Create a token on the SDDC Manager. (You will need to update the username and password value) 
    TOKEN=$(curl -d '{"username" : "<sso_username>", "password" : "<sso_password>"}' -H "Content-Type: application/json" -X POST http://127.0.0.1/v1/tokens | jq -r '.accessToken')

    The <sso_username> needs to be [email protected] or admin@local account

  3. Pull the credentials from SDDC. 
    curl -k -X GET -H "Authorization: Bearer "$TOKEN"" --insecure 'https://localhost/v1/system/credentials/service' | json_pp | less


    Sample output

    {
      "serviceType" : "SDDC_MANAGER",
      "entityId" : "9189####-####-####-####-########8251",
      "username" : "svc-vcf-####-##",
      "id" : "688d####-####-####-####-########ad5e",
      "entityType" : "ESXI",
      "targetType" : "ESXI",
      "serviceId" : "2f7a####-####-####-####-########cb79",
      "secret" : "##############",
      "credentialType" : "SSH",
      "creationTime" : 16#######96,
      "modificationTime" : 16#######96

Additional Information

Once you have the service account password you can connect to the ESXi host with the service account to clear out a root lockout or to reset the root password.


Powered by Wolken Software