Solved

VMWare - SSO Conundrum with Vcenter

Posted on 2014-02-18
2
846 Views
Last Modified: 2014-02-25
So the entire issue is as follows:

 
Classic situation where information was not documented accurate and the Master SSO admin@system-online password was lost.

I discovered this when I went to upgrade Vcenter to 5.1 Update 1 where you are first prompted to run SSO and it states this will upgrade SSO and it asks for the master password

 
Located the discussion where a solution was discovered and it had me run the following query on the database
 
UPDATE  
[Dbo]. [IMS_PRINCIPAL]   
SET  
[PASSWORD] = '{SSHA256}B6HO7UNHVi5fglh1RpJXX4z1maGJ9lcicTVcy94ztsmzAekseg=='  
WHERE  
           LOGINUID = 'admin'  
AND  
           PRINCIPAL_IS_DESCRIPTION = 'admin'  UPDATE

Open in new window

To my understanding this would reset the master password to VMware1234!

However after resetting the Vcenter SSO service

I then run the SSO install and then accept the 'upgrade' prompt after which it prompts for the password

I enter VMware1234! and it states password is incorrect or blank

 
At this point I am prepping a spare server I had around and do a fresh installation and then import the IMS_PRINCIPAL table and then that I would believe HAVE to resolve my issue.  Was just wondering if I was missing some small step as I tend to overlook the easier things at times
0
Comment
Question by:Jessayman
2 Comments
 
LVL 119

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 250 total points
ID: 39867572
What we have done in the past for clients, is to create a new vCenter Database, and SSO installation, on a temporary server. e.g. a dummy SSO/vCenter Server environment.

Remember the SSO password, from installation, and then cut and paste the hashed password from the new database to the old non-working, forgotten password.

This does not require the password to be broken or hacked, you are just exchanging the information in the database.

there is an article here, you can follow as well

scroll down to SSO Master Password away - a __ unsupportete__ solution

It does work very well.
0
 
LVL 13

Assisted Solution

by:Abhilash
Abhilash earned 250 total points
ID: 39868224
You could try this. We use this to help many people on VMware Community. And it has worked

if SSO password ( admini@system-domain ) needs to be reset, please execute below query on RSA database:
 
UPDATE
[dbo].[IMS_PRINCIPAL]
SET
[PASSWORD] = '{SSHA256}KGOnPYya2qwhF9w4xK157EZZ/RqIxParohltZWU7h2T/VGjNRA=='
WHERE
LOGINUID = 'admin'
AND
PRINCIPAL_IS_DESCRIPTION = 'Admin';
 
This will reset the password to "VMware1234!", after which you login and change the password as needed.

Note: Take backup of RSA database before executing this

And i don't think that UPDATE in the end belongs there.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When rebooting a vCenters 6.0 and try to connect using vSphere Client we get this issue "Invalid URL: The hostname could not parsed." When we get this error we need to do some changes in the vCenter advanced settings to fix the issue.
This article outlines why you need to choose a backup solution that protects your entire environment – including your VMware ESXi and Microsoft Hyper-V virtualization hosts – not just your virtual machines.
Viewers will learn how to use the SELECT statement in SQL and will be exposed to the many uses the SELECT statement has.
This Micro Tutorial steps you through the configuration steps to configure your ESXi host Management Network settings and test the management network, ensure the host is recognized by the DNS Server, configure a new password, and the troubleshooting…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question