The following method provides steps to recover the vCenter Server Appliance (vCSA) root password for vSphere 6.7
The process is identical to the previous version (vCenter 6.5). The method is officially supported by VMware and documented in KB2147144.
Reset the vCSA root password
- Take a snapshot of the vCSA to be able to rollback in case of any problems during password recovery.
- Connect to the ESXi Host that runs the vCSA and open a remote console.
- Reboot the vCSA
- Press e immediately after the system starts (When the Photon screen shows up)
- Append
rw init=/bin/bashto the line starting with linux - Press F10 to boot
- In the command prompt, enter
passwdand enter a new root password twice - Enter
umount/ to unmount the root filesystem - Reboot the vCSA by running the command
reboot -f - Verify that you can log in with the new root password and delete the snapshot created in step 1.
Password expiration
There are two authentication sources where passwords are configured to expire by default. The root user configured in the Appliance Management and all SSO users expire after 90 days. This behavior can be configured:
Root password: Appliance Management (https://[VCENTER]:5480/) > Administration > Password expiration settings
SSO Users (eg. administrator@vsphere.local): Web Client > Administration > Single Sign-On > Configuration > Policies