The only method supported by VMware for resetting the root password is to reinstall an ESXi host. However, if the host is still maintained by vCenter and connected, you can reset the ESXi root password using the host profile function. In case ESXi host root password fails to authenticate and cannot be accessed through CLI. You do not want to reinstall your ESXi host. Just ensure to take a backup to avoid data loss and then follow the below methods to reset the root password.
Method 1: Reset the ESXi root password through the Host Profile
- Sign in to the vCenter Web client.
- Select Host Profiles from the Operations and Policies menu.
- Choose Host Profile >> Extract Host profile.
- Enter a name and a description for the selected Host Profile in the Extract Host Profile, then click Next and finish to complete.
- Now the created new host profile will appear and then right-click the host profile >> Edit settings.
- Search for root in Edit Host Profile and reset a new password, then confirm it.
- Once the password has been changed. Next, right-click the host profile >> Attach/Detach Hosts. To attach, choose the host for which you changed the password.
- Select Maintenance Mode >> Enter Maintenance Mode from the Action Menu. The virtual machine must be shut down at this time.
- Select Remediate from the menu, then choose the host to remediate.
- Finally check host compliance and exit the maintenance mode once after the host rebooted.
Method 2: Edit the shadow file to reset the VMware root password
Note: The following method is not supported by VMware, however, it works on various ESXi versions. Before resetting the VMware root password, ensure to make a VMware backup. In case you are unable to reset your password via vCenter then you can try this method to reset the password. You can now use a live Linux CD/DVD/USB to reset the VMware root password. Before resetting the password, you must ensure to remove the encrypted root password stored in the /etc/shadow location to create a new password in the DCUI console.
- First download a live CD/DVD and choose the Gparted LiveCD.
- Burn a USB drive or CD/DVD containing the Live CD/DVD, and boot your host from it.
- Find the 2 partitions that are 249.98MB in size. For example, if you placed ESXi on a USB drive or SD card. Then you can start the editing with the /dev/sda5 partition and then go on to the /dev/sda6 partition.
A. Now open a terminal window and execute and run the commands mentioned below to access the shadow password file.
sudo su
mkdir /boot /temp
mount /dev/sda5 /boot
cd /boot
cp state.tgz /temp
cd /temp tar -xf state.tgz
tar -xf local.tgz
rm *.tgz
cd etc
B. Then, using vi, edit the shadow password file. Go to the line that begins with the root and delete the string between the first two colons.
C. Run the following set of commands after that.
cd ..
tar -cf local.tgz etc/
tar -cf state.tgz local.tgz
mv state.tgz /boot
umount /boot
reboot
- After removing the Gparted media, restart the ESXi host. Once after finished restarting the process, log in as root from the DCUI console Without entering a password, you should be able to log in. So, you can now set your new password.
Hope this helps you in resetting the VMware ESXi 6.7 root password, If you find any trouble in fixing click here for instant Tech Support.
To get more updates you can follow us on Facebook, Twitter, LinkedIn
Subscribe to get free blog content to your Inbox