VMware has an excellent document on how to reset admin password however, based on my recent experiences, I’ve seen customers running into issues with their root password getting locked out more often than having to reset the admin password.
There can be multiple reasons for the root account getting locked. This is quite common as the frequency of logins after initial deployment tends to reduce.
- Inputting wrong password multiple times
- Keyboard mapping
- Password has been forgotten
Now, the VMware document that I am referring to explains how to change the root admin password using the command “passwd”. I wasn’t able to use this command to unlock the root account and had to do a lot of research to identify a solution to unlock it. Follow the steps below in case you’re running into the same issue.
2. Steps to Unlock
1. Confirming that the root account is locked
2. Next, Restart the appliance and soon as you see the Photon OS screen, press e to enter GRUB edit menu. Remove everything after “$rootpartition” and add “rw init=/bin/bash”.
3. Press the F10 key and at the command prompt enter “pam_tally2 – – user root” to check the failed attempts.
4. To unlock, type “pam_tally2 – – user root – – reset”. It will show you the same result as above but will also unlock the account.
5. Now to confirm that the account has been unlocked, retype “pam_tally2 – – user root” to check the failed attempts. Should reset to 0
6. To change the password, type “passwd”. If the password has been used previously, it’ll ask you to re-enter the password.
Confirm if you are able to login.
For more details on Unified Access Gateway, please follow VMware’s official UAG documentation at “docs.vmware.com“.