VMware – vSphere 5.5 U2 – Resetting the SSO Password

In a previous post I talked about deploying custom SSL certs into a vCenter 5.5 environment. As I was working through the update steps, the Certificate Automation Tool kept bombing out when updating the Inventory Service certificate. Neither the client nor I really knew why this was happening, but I had a bit of a hunch that it something to do with SSO credentials. It turned out to be a lucky guess, as I reset the password a few times and the SSL cert tool started working.

If you find yourself in this situation, there’s a tool provided with vCenter to reset the SSO password. Here’s a link to the KB article.

c:\Program Files\VMware\Infrastructure\VMware\CIS\vmdird>vdcadmintool.exe

It’s a fairly straightforward process, but you need to be mindful to use a generated password that meets VMware’s requirements for SSO passwords and special characters. By that I mean that some special characters aren’t allowed, even though they’re in passwords generated by the tool. You can get details on that here. In short, these special characters are not supported in SSO passwords:

  • Non-ASCII characters
  • Ampersand (&)
  • Semicolon ( ; )
  • Double quotation mark ( ” )
  • Single quotation mark ( ‘ )
  • Circumflex ( ^ )
  • Backslash ( \ )
  • Percentage (%)

At times I wasn’t convinced that this list is comprehensive either.

Updated Articles page

It’s been too long since I wrote up a how-to article. But this one came from a really interesting problem. My colleagues were recently faced with an issue at a site where the customer wanted to upgrade from vSphere 5.1 to 5.5. Which was fine, but they’d forgotten / misplaced / couldn’t remember the SSO master password. So I’ve added a brief article covering the steps involved in getting it sorted out. Full credit to Michael, Vincent and our Partner SE Charles for piecing together the steps. I’m really just the messenger.

While you’re there, have a look through my other articles. While dated, some are still useful.