This article will explain the steps to unlock or reset the vCloud Availability root account. There are a couple of scenarios where you might need this.

For example when the account is locked out after too many fault attempts you will get “Access denied” when you login:

The vCloud Availability root account is locked out..

In my case I was just being stupid.. I forgot to update the new password in my SSH client after I had to reset the password during the first boot.
This caused my root account to be locked out.

During the initial deployment of the vCAv management appliance, you have to enter a root password as shown below:

vCloud Availability initial deployment
vCloud Availability initial deployment

After the deployment has finished, you can login by navigating to https://<FQDN>/ui/admin.

vCAv Management portal -  First login
vCAv Management portal – First login

Now you have to reset the password you entered minutes ago.
When you do, don’t forget to save it somewhere safe! 😉

Reset the password after first login
Reset the password after first login

Enough introduction..
Let’s get started with the steps required to unlock or reset vCloud Availability root account!

Reset vCloud Availability root account

vCloud Availability is build on PhotonOS. The first step we have to take is reboot the appliance and enter the GRUB menu by hitting ‘e’ during the boot.

Hit 'e' during the initial boot process to enter GRUB menu
Hit ‘e’ during the initial boot process to enter GRUB menu

In the GRUB menu, add “rw init =/bin/bash” to the line starting with Linux.. and hit F10

 Add "rw init =/bin/bash" to the line starting with Linux
Add “rw init =/bin/bash” to the line starting with Linux

The appliance will boot in the bash shell now.

 In the shell, type  “mount -o remount,rw /” and hit Enter
In the shell, type “mount -o remount,rw /” and hit Enter
In the shell, type “passwd root” and hit Enter
Enter the new password twice and hit enter
Enter the new password twice and hit enter
In the shell, type “umount /” and hit Enter
In the shell, type reboot -f to reboot the appliance

After you finished these steps, you can logon to the portal and SSH again with the new password.

Unlock the vCAv root account

If you only want to unlock the account without setting a new password, the steps are almost equal.

Replace the step where you type “passwd root” with “/sbin/pam_tally2 -r -u root” to unlock the account.

In the shell, type  “/sbin/pam_tally2 -r -u root” and hit Enter
In the shell, type “/sbin/pam_tally2 -r -u root” and hit Enter
In the shell, proceed with "umount /" and "reboot -f" commands
In the shell, proceed with “umount /” and “reboot -f” commands

After you finished these steps, you can logon to the portal and SSH again with the unlocked root password.

Logon to the vCloud Availability Admin portal
Logon to the vCloud Availability Admin portal
Successful logon to the vCloud Availability Admin portal
Successful logon to the vCloud Availability Admin portal

Other posts you might like:

 1,697 total views,  1 views today