VMware Live Recovery Appliance "admin" Account Locked Due to Third-Party Security Appliance Scan
search cancel

VMware Live Recovery Appliance "admin" Account Locked Due to Third-Party Security Appliance Scan

book

Article ID: 438353

calendar_today

Updated On:

Products

VMware Live Recovery

Issue/Introduction

VMware Live Recovery (VLR) Appliance "admin" password fails to authenticate. The "admin" user is unable to log in to the VLR appliances despite the password policy being configured to never expire and no recent password changes having occurred.

Running the faillock command from the appliance console indicates the admin account is in a locked state due to multiple failed login attempts originating from a remote IP address:

root@VLR[ ~ ]# faillock --user admin
Login       Failures    Latest failure             From
admin       3           20##-0#-2# 20:45:30   #.#.#.# (Remote Machine IP causing the lock)

Environment

VMware Live Recovery Appliance 9.x

Cause

The admin account is in a locked state because a third-party security tool repeatedly attempted to connect to the VLR appliance using incorrect credentials.

Resolution

  • Log in to the VLR appliance console as the root user.

  • Execute the following command to reset the failed login counter and unlock the admin user account: /sbin/faillock --user admin --reset

  • Verify that the admin account can now successfully authenticate.

  • To prevent this issue from recurring, correct the credentials configured within the third-party security tool or exclude the VLR appliance from the automated scan scope.

Powered by Wolken Software