DefinIT

Recover ESXi Root Password using AD Authentication

vmware logoLosing a root password isn’t something that happens often, but when it does it’s normally a really irritating time. I have to rotate the password of all hosts once a month for compliance, but sometimes a host drops out of the loop and the root password gets lost. Fortunately, as the vpxuser is still valid I can manage the host via vCenter – this lends itself to this little recovery process:

  • Join the host to the domain (I’ve got a handy post for that here)
  • Create the “ESX Admins” group in your AD and ensure that you are a member. The AD group will be given full administrator rights on the host automatically.
  • Wait for replication, and the host to pick up the group and membership – it took about 15 minutes for me.
  • You can now connect directly to the host using the vSphere Client – head on to the “Local Users & Groups” page and edit “root”:

image

  • You should now be able to connect to the host using your new root password.