Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

VMWare - SSO Conundrum with Vcenter

Posted on 2014-02-18
2
Medium Priority
?
860 Views
Last Modified: 2014-02-25
So the entire issue is as follows:

 
Classic situation where information was not documented accurate and the Master SSO admin@system-online password was lost.

I discovered this when I went to upgrade Vcenter to 5.1 Update 1 where you are first prompted to run SSO and it states this will upgrade SSO and it asks for the master password

 
Located the discussion where a solution was discovered and it had me run the following query on the database
 
UPDATE  
[Dbo]. [IMS_PRINCIPAL]   
SET  
[PASSWORD] = '{SSHA256}B6HO7UNHVi5fglh1RpJXX4z1maGJ9lcicTVcy94ztsmzAekseg=='  
WHERE  
           LOGINUID = 'admin'  
AND  
           PRINCIPAL_IS_DESCRIPTION = 'admin'  UPDATE

Open in new window

To my understanding this would reset the master password to VMware1234!

However after resetting the Vcenter SSO service

I then run the SSO install and then accept the 'upgrade' prompt after which it prompts for the password

I enter VMware1234! and it states password is incorrect or blank

 
At this point I am prepping a spare server I had around and do a fresh installation and then import the IMS_PRINCIPAL table and then that I would believe HAVE to resolve my issue.  Was just wondering if I was missing some small step as I tend to overlook the easier things at times
0
Comment
Question by:Jessayman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 123

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 1000 total points
ID: 39867572
What we have done in the past for clients, is to create a new vCenter Database, and SSO installation, on a temporary server. e.g. a dummy SSO/vCenter Server environment.

Remember the SSO password, from installation, and then cut and paste the hashed password from the new database to the old non-working, forgotten password.

This does not require the password to be broken or hacked, you are just exchanging the information in the database.

there is an article here, you can follow as well

scroll down to SSO Master Password away - a __ unsupportete__ solution

It does work very well.
0
 
LVL 13

Assisted Solution

by:Abhilash
Abhilash earned 1000 total points
ID: 39868224
You could try this. We use this to help many people on VMware Community. And it has worked

if SSO password ( admini@system-domain ) needs to be reset, please execute below query on RSA database:
 
UPDATE
[dbo].[IMS_PRINCIPAL]
SET
[PASSWORD] = '{SSHA256}KGOnPYya2qwhF9w4xK157EZZ/RqIxParohltZWU7h2T/VGjNRA=='
WHERE
LOGINUID = 'admin'
AND
PRINCIPAL_IS_DESCRIPTION = 'Admin';
 
This will reset the password to "VMware1234!", after which you login and change the password as needed.

Note: Take backup of RSA database before executing this

And i don't think that UPDATE in the end belongs there.
0

Featured Post

Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windocks is an independent port of Docker's open source to Windows.   This article introduces the use of SQL Server in containers, with integrated support of SQL Server database cloning.
An alternative to the "For XML" way of pivoting and concatenating result sets into strings, and an easy introduction to "common table expressions" (CTEs). Being someone who is always looking for alternatives to "work your data", I came across this …
This video shows you how easy it is to boot from ISO images for virtual machines with the ISO images stored on a local datastore on the ESXi host.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question