patron
asked on
NOT ABLE TO RESET ROOT PASSWORD ON ESXI 5.1
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It uses some password complexity measures.
So what ever password complexity you have set, make sure you password complies.
ASKER
it is already there and as same as we have for other host in my cluster. we are able to reset password for almost 8 host with same build and level of esxi 5.1 -2191751 , but it is not working on 6 host in same cluster ?
same passwd file, pamd.d access as well
same build and version
is it something bug to be fixed in other version/update..in Vi client error while trying to rest root password is..
Call "HostLocalAccountManager.U pdateUser" for object "ha-localacctmgr" on ESXi "...." failed. to set the password
same passwd file, pamd.d access as well
same build and version
is it something bug to be fixed in other version/update..in Vi client error while trying to rest root password is..
Call "HostLocalAccountManager.U
ASKER
its not related to password complexity..but giving this error
this error is documented here
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1012033
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1012033
Not being picky - but those 6 more hosts have same version installed? And installed from same vendor customized ESXi?
ASKER
Yes, all have same version /build and installed/updated with same media/patch.
Even i have rebooted host and updated with latest patch as well ie U3 for Esxi 5.1..but still showing same error?
Even i have rebooted host and updated with latest patch as well ie U3 for Esxi 5.1..but still showing same error?
ASKER
Thanks Andrew.i have already checked for that article..but its none related to this, as same file we have on other host ..where it is allowing to reset passwd file.
Even i have disabled everything given in url...still same error?
Even i have disabled everything given in url...still same error?
Re-install the ESXi 5.1 host or escalate this issue to VMware Support.
ASKER
have already escalated to VMware..but yet they ppl are looking into it.
what I found in /var/log/auth.log is..
"2015-03-23T11:56:06Z passwd: pam_unix(passwd:chauthtok) : user "root" has corrupted passwd entry
2015-03-23T11:56:06Z passwd: 2015-03-23T12:00:47Z passwd: 2015-03-23T12:05:05Z passwd: pam_unix(passwd:chauthtok) : user "root" has corrupted passwd entry
2015-03-23T12:05:05Z passwd: 2015-03-23T12:08:43Z passwd: pam_unix(passwd:chauthtok) : user "root" has corrupted passwd entry
2015-03-23T12:08:43Z passwd: 2015-03-23T12:15:48Z passwd: pam_unix(passwd:chauthtok) : user "root" has corrupted passwd entry
2015-03-23T12:15:48Z passwd: 2015-03-23T12:35:27Z passwd: pam_unix(passwd:chauthtok) : user "root" has corrupted passwd entry"
Tried to look for and VM article to get this resolved..but no luck, any way we can get this rectified ?
what I found in /var/log/auth.log is..
"2015-03-23T11:56:06Z passwd: pam_unix(passwd:chauthtok)
2015-03-23T11:56:06Z passwd: 2015-03-23T12:00:47Z passwd: 2015-03-23T12:05:05Z passwd: pam_unix(passwd:chauthtok)
2015-03-23T12:05:05Z passwd: 2015-03-23T12:08:43Z passwd: pam_unix(passwd:chauthtok)
2015-03-23T12:08:43Z passwd: 2015-03-23T12:15:48Z passwd: pam_unix(passwd:chauthtok)
2015-03-23T12:15:48Z passwd: 2015-03-23T12:35:27Z passwd: pam_unix(passwd:chauthtok)
Tried to look for and VM article to get this resolved..but no luck, any way we can get this rectified ?
ASKER
VMware ESXi 5.1.0 build-2323231
VMware ESXi 5.1.0 Update 2
and same issue on ESXi 5.1 Update 3
VMware ESXi 5.1.0 Update 2
and same issue on ESXi 5.1 Update 3
Re-install!
ASKER
fine, but here i need to locate how it has happened ? else it may occur after reinstall as well.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Tried all methods..except host profile !!
Please advise how we can proceed using host profile ?
and is there any way to check for data edited..as its almsot same as i have on other host or if some how we can update /restore this?
Please advise how we can proceed using host profile ?
and is there any way to check for data edited..as its almsot same as i have on other host or if some how we can update /restore this?
In vcenter - create host profile from healthy system
edit host profile with desired root password
save it (wait to save)
now edit profile application rules by removing every rule but password.
Assign it to a bad ESXi. Check compliance... Enter maintenance mode, apply profile (before changing anything it will ask what to change on host... if you missed some in previous step it will show more than single change - rewind and try again...)
Essentially this is a bit different mechanism to set password than typing it on the console - vcenter agent will try to change it.
It is good idea to keep host profiles matching your systems... It makes it easy to reinstall them if needed.
edit host profile with desired root password
save it (wait to save)
now edit profile application rules by removing every rule but password.
Assign it to a bad ESXi. Check compliance... Enter maintenance mode, apply profile (before changing anything it will ask what to change on host... if you missed some in previous step it will show more than single change - rewind and try again...)
Essentially this is a bit different mechanism to set password than typing it on the console - vcenter agent will try to change it.
It is good idea to keep host profiles matching your systems... It makes it easy to reinstall them if needed.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
"set administrator password" under security.
You may have solved the issue, no way to tell, if it will come back and haunt you with your hack job!
That's because VMware does not support the updating of the passwd file!
It's the same issue, with using a Linux CDROM, to hack the password file, it's unsupported!
see first post!
That's because VMware does not support the updating of the passwd file!
It's the same issue, with using a Linux CDROM, to hack the password file, it's unsupported!
see first post!
With unsupported hack applied you now pay for no support full price of support..... (until all 20 systems are reinstalled)
ASKER
yes,it could be the issue here..but this is somthing i was looking for support from vmware as well
and Thanks a lot for all your great support here on this issues.
and Thanks a lot for all your great support here on this issues.
And sorry we did not keep you away from your intent of big reinstall...
ASKER
Appriciate you support on this!!
ASKER
so need to underatnd where the glicth is ?
tried to give complete permission to pam.d and passwd under /etc/pam.d..but still shoing same error ?
and not allowing to modify the password file ..while it has the same entry..as we have in other host -allowing us to reset root password using command and gui as well.
Please assist to get this clerified..or if its somthing to be configured @host level?