NSX-T Manager root password is expired
search cancel

NSX-T Manager root password is expired

book

Article ID: 416526

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • An alarm has been received, notifying that the root password has expired.
  • SSH access attempts using root credentials consistently yield an "Access Denied" error, despite verification via get service ssh (executed in administrator mode) confirming that "Root login" remains enabled.
    nsx-mngr> get service ssh
MM DD YYYY UTC HH:MM:SS.###
Service name:      ssh
Service state:     running
Start on boot:     True
Root login:        enabled
  • Attempts to log into the web console with root credentials also fail, returning an "Access Denied" message.
  • Direct confirmation of the password's status was obtained by executing get user root password-expiration (in administrator mode), which explicitly indicates that the root password has expired.

    nsx-mngr> get user root password-expiration
MM DD YYYY UTC HH:MM:SS:###
Password expires 90 days after last change,
 Current password is expired.
User will receive warning messages 7 days before password expires.

Environment

VMware NSX-T

Cause

Expired password for "root" account

Resolution

  • Connect to the console of the appliance.
  • Reboot the system.
  • When the GRUB boot menu appears, press the left SHIFT or ESC key quickly. If you wait too long and the boot sequence does not pause, you must reboot the system again.
  • Press e to edit the menu.
    Choose the top Ubuntu line then enter the user name root and the GRUB password for root (not the same as the appliance's user root). The default password is NSX@VM!WaR10.
  • Press e to edit the selected option.
  • Search for the line starting with linux and add systemd.wants=PasswordRecovery.service to the end of the line.
  • Press Ctrl-X to boot.
  • When the log messages stop, enter the new password for root.
  • Enter the password again. The boot process continues.
  • After the reboot, you can verify the password change by logging in as root with the new password.

    Additional Information

    Techdocs: https://techdocs.broadcom.com/us/en/vmware-cis/nsx/vmware-nsx/4-2/administration-guide/authentication-and-authorization/password-management/resetting-passwords-on-an-appliance.html 

    This resolution method for an expired root password is also applicable in instances where the password has been forgotten.

    Powered by Wolken Software