Solved

VMWare - SSO Conundrum with Vcenter

Posted on 2014-02-18
2
836 Views
Last Modified: 2014-02-25
So the entire issue is as follows:

 
Classic situation where information was not documented accurate and the Master SSO admin@system-online password was lost.

I discovered this when I went to upgrade Vcenter to 5.1 Update 1 where you are first prompted to run SSO and it states this will upgrade SSO and it asks for the master password

 
Located the discussion where a solution was discovered and it had me run the following query on the database
 
UPDATE  
[Dbo]. [IMS_PRINCIPAL]   
SET  
[PASSWORD] = '{SSHA256}B6HO7UNHVi5fglh1RpJXX4z1maGJ9lcicTVcy94ztsmzAekseg=='  
WHERE  
           LOGINUID = 'admin'  
AND  
           PRINCIPAL_IS_DESCRIPTION = 'admin'  UPDATE

Open in new window

To my understanding this would reset the master password to VMware1234!

However after resetting the Vcenter SSO service

I then run the SSO install and then accept the 'upgrade' prompt after which it prompts for the password

I enter VMware1234! and it states password is incorrect or blank

 
At this point I am prepping a spare server I had around and do a fresh installation and then import the IMS_PRINCIPAL table and then that I would believe HAVE to resolve my issue.  Was just wondering if I was missing some small step as I tend to overlook the easier things at times
0
Comment
Question by:Jessayman
2 Comments
 
LVL 117

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 250 total points
Comment Utility
What we have done in the past for clients, is to create a new vCenter Database, and SSO installation, on a temporary server. e.g. a dummy SSO/vCenter Server environment.

Remember the SSO password, from installation, and then cut and paste the hashed password from the new database to the old non-working, forgotten password.

This does not require the password to be broken or hacked, you are just exchanging the information in the database.

there is an article here, you can follow as well

scroll down to SSO Master Password away - a __ unsupportete__ solution

It does work very well.
0
 
LVL 13

Assisted Solution

by:Abhilash
Abhilash earned 250 total points
Comment Utility
You could try this. We use this to help many people on VMware Community. And it has worked

if SSO password ( admini@system-domain ) needs to be reset, please execute below query on RSA database:
 
UPDATE
[dbo].[IMS_PRINCIPAL]
SET
[PASSWORD] = '{SSHA256}KGOnPYya2qwhF9w4xK157EZZ/RqIxParohltZWU7h2T/VGjNRA=='
WHERE
LOGINUID = 'admin'
AND
PRINCIPAL_IS_DESCRIPTION = 'Admin';
 
This will reset the password to "VMware1234!", after which you login and change the password as needed.

Note: Take backup of RSA database before executing this

And i don't think that UPDATE in the end belongs there.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Suggested Solutions

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
HOW TO: Install and Configure VMware vSphere Hypervisor 6.5 (ESXi 6.5), Step by Step Tutorial with screenshots. From Download, Checking Media, to Completed Installation.
Via a live example, show how to set up a backup for SQL Server using a Maintenance Plan and how to schedule the job into SQL Server Agent.
This video shows you how easy it is to boot from ISO images for virtual machines with the ISO images stored on a local datastore on the ESXi host.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now