Locked out of local ESX management
Hello
We are running a small ESX shop (4 hosts with about 5 vm each) and recently decided to try vSphere 7. Deployment was relatively easy and everything worked pretty much out of the box.
One thing I noticed is that the local admin on each individual host was not anymore allowed to connect, presumably as some default security policy applied from vSphere.
Problem is that we have - at least for the time being - elected not to purchase vSphere, Our trial is now up... but our hosts are still not accessible with local UI. In effect I locked myself out of our infra ! Oops...
How can I resolve this short of purchasing a new vSphere license... ??
We are running a small ESX shop (4 hosts with about 5 vm each) and recently decided to try vSphere 7. Deployment was relatively easy and everything worked pretty much out of the box.
One thing I noticed is that the local admin on each individual host was not anymore allowed to connect, presumably as some default security policy applied from vSphere.
Problem is that we have - at least for the time being - elected not to purchase vSphere, Our trial is now up... but our hosts are still not accessible with local UI. In effect I locked myself out of our infra ! Oops...
How can I resolve this short of purchasing a new vSphere license... ??
ASKER
So you cannot login to each ESXi host as root?Correct
Even if trial expires this just stops you powering up a VM not lock you outNot willing to connect (ping is ok)
Tried to add the host again
Do you think we are having some other issue ?
yes agent is not running on host it could be ESXi storage full this can happen and what you suggest happens cannot login and agent is not responding
SSH not enabled?
Otherwise you’ll have to shutdown all VMs remotely
restart hosts
SSH not enabled?
Otherwise you’ll have to shutdown all VMs remotely
restart hosts
ASKER
well SSH doesn't work
That's a sign that the root account was locked out. Probably by vSphere 7 as per above...
I understand that there is a way to reset it via DCUI but I have no console access for the moment :(
/usr/lib/vmware/misc/bin/tally_vob.sh failed: exit code 1That's a sign that the root account was locked out. Probably by vSphere 7 as per above...
I understand that there is a way to reset it via DCUI but I have no console access for the moment :(
restart the server.
SSH needs to be enabled before it had an issue,
SSH needs to be enabled before it had an issue,
ASKER
restart the serverWould that "unlock" the SSH ?
SSH needs to be enabled before it had an issue,Not sure what you mean.
If it is a question yes SSH was enabled before we presented the server to vSphere 7.
If it is a question yes SSH was enabled before we presented the server to vSphere 7.
okay thats fine, because SSH is usually only enabled for troubleshooting.
Restart the server, may cure the storage issue.
otherwise re-install ESXi
ASKER
wow... ok, that's quite a tall order.
The ESX host per se seem to work ok, just that I don't have access to the management.
So I'm not going to kill it right now - but I understand I have to look into this.
The ESX host per se seem to work ok, just that I don't have access to the management.
So I'm not going to kill it right now - but I understand I have to look into this.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Solved by "2. Re-install ESXi which is safe, if you select Preserve VMFS, it will not overwrite VMs. Then just re-register VMs with host, power on."
Yes, it does not take very long!
Even if trial expires this just stops you powering up a VM not lock you out