Solved

VMWare - SSO Conundrum with Vcenter

Posted on 2014-02-18
2
848 Views
Last Modified: 2014-02-25
So the entire issue is as follows:

 
Classic situation where information was not documented accurate and the Master SSO admin@system-online password was lost.

I discovered this when I went to upgrade Vcenter to 5.1 Update 1 where you are first prompted to run SSO and it states this will upgrade SSO and it asks for the master password

 
Located the discussion where a solution was discovered and it had me run the following query on the database
 
UPDATE  
[Dbo]. [IMS_PRINCIPAL]   
SET  
[PASSWORD] = '{SSHA256}B6HO7UNHVi5fglh1RpJXX4z1maGJ9lcicTVcy94ztsmzAekseg=='  
WHERE  
           LOGINUID = 'admin'  
AND  
           PRINCIPAL_IS_DESCRIPTION = 'admin'  UPDATE

Open in new window

To my understanding this would reset the master password to VMware1234!

However after resetting the Vcenter SSO service

I then run the SSO install and then accept the 'upgrade' prompt after which it prompts for the password

I enter VMware1234! and it states password is incorrect or blank

 
At this point I am prepping a spare server I had around and do a fresh installation and then import the IMS_PRINCIPAL table and then that I would believe HAVE to resolve my issue.  Was just wondering if I was missing some small step as I tend to overlook the easier things at times
0
Comment
Question by:Jessayman
2 Comments
 
LVL 119

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 250 total points
ID: 39867572
What we have done in the past for clients, is to create a new vCenter Database, and SSO installation, on a temporary server. e.g. a dummy SSO/vCenter Server environment.

Remember the SSO password, from installation, and then cut and paste the hashed password from the new database to the old non-working, forgotten password.

This does not require the password to be broken or hacked, you are just exchanging the information in the database.

there is an article here, you can follow as well

scroll down to SSO Master Password away - a __ unsupportete__ solution

It does work very well.
0
 
LVL 13

Assisted Solution

by:Abhilash
Abhilash earned 250 total points
ID: 39868224
You could try this. We use this to help many people on VMware Community. And it has worked

if SSO password ( admini@system-domain ) needs to be reset, please execute below query on RSA database:
 
UPDATE
[dbo].[IMS_PRINCIPAL]
SET
[PASSWORD] = '{SSHA256}KGOnPYya2qwhF9w4xK157EZZ/RqIxParohltZWU7h2T/VGjNRA=='
WHERE
LOGINUID = 'admin'
AND
PRINCIPAL_IS_DESCRIPTION = 'Admin';
 
This will reset the password to "VMware1234!", after which you login and change the password as needed.

Note: Take backup of RSA database before executing this

And i don't think that UPDATE in the end belongs there.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows gives you an overview on SQL Server 2016 row level security. You will also get to know the usages of row-level-security and how it works
This article outlines why you need to choose a backup solution that protects your entire environment – including your VMware ESXi and Microsoft Hyper-V virtualization hosts – not just your virtual machines.
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function
Via a live example, show how to set up a backup for SQL Server using a Maintenance Plan and how to schedule the job into SQL Server Agent.

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question