When you attempt to update the root password for a vCenter Server through the VCF Operations Fleet Management interface, the operation fails.

You may observe the following symptoms:

• The error message "Update for appliance '<Appliance_Name>' has failed. Failed to perform specified operation on SDDC manager." appears in the UI.

• Login to the vCenter Server Management Interface (VAMI) on port 5480 fails with "Unable to authenticate user."

• SSH access to the vCenter appliance as root prompts: "You are required to change your password immediately (administrator enforced)."

• SDDC Manager UI (Security > Password Management) displays a red banner: "Password remediate for resource: <VC_FQDN>, user: root and credential type: SSH."

• Subsequent password operations for other components (e.g., NSX Manager) may remain in a "spinning" or "in progress" state indefinitely.

• VCF Operations 9.0.x

• SDDC Manager 9.0.x

The vCenter root password expired at the appliance OS level. Since the OS enforces an immediate password change upon login, the automated SDDC Manager service account could not authenticate to rotate the password, causing the task to fail. These failures can result in stuck "PREVALIDATION_FAILED" entries in the SDDC Manager operationsmanager database, which block the password management and other SDDC tasks pipeline for other resources.

To resolve this issue, you must manually synchronize the password at the appliance level and clear any stuck tasks in the SDDC Manager database.

Step 1: Manually Reset the vCenter Root Password

1. Log in to the vCenter Server appliance via SSH as the root user.

2. When prompted by the OS, enter the current (expired) password.

3. Provide a new password that meets your organization's complexity requirements.

4. Verify you can now log into the VAMI (https://<vCenter_FQDN>:5480) with the new credentials.
   
   

Step 2: Remediate the Password in SDDC Manager

1. Log into the SDDC Manager UI.

2. Navigate to Security > Password Management.

3. Locate the failed vCenter resource associated with the red error banner.

4. Click Retry.

5. Enter the new password you set in Step 1 and click Submit.

6. Verify the status changes to Active.
   
   

Step 3: Clear Stuck Database Tasks (If Applicable)

If other password updates remain stuck or "spinning" after Step 2, refer to KB 379319 in Additional Information section below - "Getting error “Password management operation failed in pre-validation Stage” when performing password management task using SDDC manager"

Step 4: Verify the Resolution

1. Return to the VCF Operations UI.

2. Navigate to Home > Fleet Management > Passwords.

3. Verify that the vCenter Server resource status is now displayed as Active and the "Last Modified" timestamp is updated to the current date.

4. Confirm that the red error banner in SDDC Manager has cleared and that no "Credential rotate operation" tasks remain in a "Queued" status within the vCenter Recent Tasks pane.

• Getting error “Password management operation failed in pre-validation Stage” when performing password management task using SDDC manager.

• Changing or Resetting the root password in vCenter Server Appliance

• Managing Passwords for VMware Cloud Foundation Components

• Schedule Password Rotation for VMware Cloud Foundation Products