Friday, October 25, 2019
How to unlock and reset SSO password in vSphere 6.x (2146224)
So I have a bit of a embarrassing confession to make. I forgot to record the Administrator password for my VCSA Appliance. Total disclosure, I was freaking out and I really thought I was going to have to start from scratch. I did some research I was surprised to find out that you can actually reset the Administrator account on a VCSA appliance as long as you have the root password for the appliance and you have access to the VCSA Console. Below are a list of the links to the KB Articles from VMware.
Resetting SSO Administrator Password
https://kb.vmware.com/s/article/2034608
Resetting SSO Administrator - VCSA 6.x
Below is the PUTTY session as an example.
shinnk@Computer:~$ ssh root@devvcsa01.xxxx.xxxxx
ssh: Could not resolve hostname devvcsa01.xxx.xxxxx: Name or service not known
shinnk@Computer:~$ ssh root@172.26.44.18
The authenticity of host '172.26.44.18 (172.26.44.18)' can't be established.
ECDSA key fingerprint is SHA256:7E4K1HVpg2ExWz+vEkkRdJ0M5jUYftb3HZw6OSDKFEICSOEPWWKYERe4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.26.44.18' (ECDSA) to the list of known hosts.
VMware vCenter Server Appliance 6.5.0.21000
Type: vCenter Server with an embedded Platform Services Controller
Password:
Connected to service
* List APIs: "help api list"
* List Plugins: "help pi list"
* Launch BASH: "shell"
Command> shell.set --enabled true
Command> shell
Shell access is granted to root
root@devvcsa01 [ ~ ]# /usr/lib/vmware-vmdir/bin/vdcadmintool
==================
Please select:
0. exit
1. Test LDAP connectivity
2. Force start replication cycle
3. Reset account password
4. Set log level and mask
5. Set vmdir state
6. Get vmdir state
7. Get vmdir log level and mask
==================
3
Please enter account UPN : Administrator@vsphere.local
New password is -
/a+p|8M?vRl`%"p4*+oZ
==================
Please select:
0. exit
1. Test LDAP connectivity
2. Force start replication cycle
3. Reset account password
4. Set log level and mask
5. Set vmdir state
6. Get vmdir state
7. Get vmdir log level and mask
==================
Once you go through all these steps you are now able to log into VCSA with that temporary password that you are given and you are also able to reset it as well.
I hope you find this post helpful, and if you do please share it out to your friends.
Friday, October 18, 2019
Getting past Certificate issue in Power CLI
So I recently started working more with PowerCLI. After my time at VMWorld 2019 (which I will cover in another post) I realized how powerful that PowerCLI actually is (pun not intended). In starting to work with PowerCLI I came across the following message whil: trying to connect to my vCenter
Connect-vIServer : xx-x-xxxx xx:xx:xx Connect-VIServer Error: Invalid server certificate. Use Set-PowerCLIConfiguration to set the value for the InvalidCertificateAction option to Prompt if you’d like to connect once or to add a permanent exception for this server.I did some googling and I found this article,so shout out to Ivo Beerens for his article.
https://www.ivobeerens.nl/
In his article he goes on to share this command
Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$falseAfter putting that into PowerShell and pressing enter you will no longer get the Invalid Certificate message.
I hope you found this post helpful, I will be posting about some of the scripts that I have been posting on my Github. Please share with your friends if you found this helpful.
Friday, October 11, 2019
Enable a Remote Mailbox in Office 365
So I recently ran into an issue where I had a user who's Local AD account had been deleted but their Office 365 Mailbox was still showing up. We tried to bring the user account back, however the AD recycle bin was not enabled. So we had to create a brand new account for the user and then work from there.
We originally planned to create a new mailbox and let the user start from scratch. However we ran into an issue were the old mailbox would not go away, and it was preventing us from migrating a new mailbox into Exchange Online for the user.
I then found the following Exchange Management Shell command which will allow you to connect the local AD account to the Exchange Online Mailbox.
After running the command the user is now able to log in with their new AD account and have access to their mailbox.
I hope you found this post helpful, and if you did, please share it with your friends.
We originally planned to create a new mailbox and let the user start from scratch. However we ran into an issue were the old mailbox would not go away, and it was preventing us from migrating a new mailbox into Exchange Online for the user.
I then found the following Exchange Management Shell command which will allow you to connect the local AD account to the Exchange Online Mailbox.
Enable-RemoteMailbox USERNAME -RemoteRoutingAddress Alias@domain.onmicrosoft.com
After running the command the user is now able to log in with their new AD account and have access to their mailbox.
I hope you found this post helpful, and if you did, please share it with your friends.
Subscribe to:
Posts (Atom)
-
To start, let me apologize for not taking screen shots to share this issue. If this issue occurs in the future I will be sure to take them t...
-
I have been away for a while, but in my absence I have been playing with a Home Automation System called Home Assistant. You can find out mo...
-
The other day I was tasked with deploying a Infoblox OVA in our Lab environment. I was under the impression that this was going to be a simp...