Resetting an expired password in vCenter Single Sign-On (SSO)
search cancel

Resetting an expired password in vCenter Single Sign-On (SSO)

book

Article ID: 341816

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • vCenter Single Sign-On account (SSO) passwords expire after 365 days, including the password for admin@system-domain.
  • In vSphere 5.1, you see this error on a login attempt with an expired password:

    Web Client: "provided credentials are not valid"

  • In the vsphere_client_virgo.log, you see the error:

    SOAP fault javax.xml.ws.soap.SOAPFaultException: Authentication failed


Environment

VMware vCenter Server 5.1.x
VMware vCenter Server Appliance 5.1.x

Resolution

vCenter Single Sign-On administrator users can change expired passwords for System-Domain users. Request that an administrator resets your password.

If you are a vCenter Single Sign-On administrator user, use the ssopass command-line tool to reset the password.

On the Windows host running vCenter Single Sign-On:

  1. Open an elevated command prompt and run the command:

    SET JAVA_HOME=C:\Program Files\VMware\Infrastructure\jre

    Note: This is the default path of the JRE folder for vCenter Server 5.1. If vCenter Server has been installed in a custom location, change command accordingly.

  2. Navigate to the ssolscli directory

    c:\>cd C:\Program Files\VMware\Infrastructure\SSOServer\ssolscli

  3. Run the following command:

    ssopass -d https://FQDN_of_SSO_server:7444/lookupservice/sdk username

  4. Type your current password, even if it is expired.
  5. Type the new password, and then type it again to confirm.
 

From the vCenter Server Appliance (VCSA):

  1. Log in to the vCenter Server Appliance as root.

    Note: The default password is vmware.

  2. Navigate to this directory:

    /usr/lib/vmware-sso/bin

  3. Run this command:

    ./ssopass -d https://FQDN_of_SSO_server:7444/lookupservice/sdk username

  4. Type the current password for the user, even if it is expired.
  5. Type the new password, and then type it again to confirm.

To be alerted when this article is updated, click Subscribe to Document in the Actions box.