Sorting bits into bytes...

Reset administrator@vsphere.local and root password VCSA

If you find yourself in a situation where nobody knows what the administrator password is for the vCenter Server Appliance, this guide should help you get back in control.

The problem: no password vault manager

The solution: in 10 steps we can take back control.

First you need to figure out on which ESXi host the VCSA VM is running. You will need permissions (power on, power off, console and snapshot) on that ESXi host.

Step 1: Log in to that ESXi host and guest power off the VCSA VM


Step 2: Just for rollback sake, create a snapshot


Step 3: Open the console and power on the VCSA VM. Hit “e” when you see the Photon OS bootscreen


Step 4: Go to the end of the line starting with “linux “/”$photon_linux…” append that line with:

rw init=/bin/bash

Make sure to leave a space between “consoleblank=0” and “rw”

Once done, hit F10


Step 5: The VCSA VM will boot and you will be prompted with a shell. Create a new root password:


Enter your new root password twice.

You will reset the administrator@vsphere.local password later on. When you have set a new password enter:

reboot –f

The VCSA will  now reboot.


Step 6: If needed enable SSH. Somehow I needed to enter the root password twice, I’m pretty sure I entered the password correct the first time.

Step 7: Open Putty (or any other SSH client) and SSH into the VCSA with the newly created root password. Now we can reset the administrator@vsphere.local password.

When logged in:





A new password is generated for the administrator account. You can use this password to log in to the vCenter Server Appliance.


Step 8: Get access to the VCSA by copy pasting the new administrator password from the previous screen


Step 9: Time to clean up and remove the snapshot:

Right click VCSA VM -> Snapshots -> Manage Snapshot -> delete -> done


Step 10: Create a new administrator@vsphere.local password:

Menu -> Administration -> Users And Groups -> Set: Domain to vsphere.local -> “3 dots” left of Administrator -> Edit -> set new password -> Save


Bonus tip: there are plenty of password vaulting apps, make sure to use one.

This is tested with VCSA 6.7 with an embedded PSC. This should work with previous VCSA versions and external PSC as well. But I haven’t tested other setups. If you have, please let me know the outcome below.

Thanks for reading!


11 thoughts on “Reset administrator@vsphere.local and root password VCSA

  1. Hello, I want to subscribe for this blog to obtain most recent updates, therefore where can i do it please help out.

  2. Hurrah! In the end I got a website from where
    I be capable of genuinely obtain valuable data regarding my study and knowledge.

  3. Good post! We are linking to this particularly great post on our site.

    Keep up the great writing.

  4. Thank you for saving me hours of work I lost access to my password vault and as such both passwords.
    Using your blog I have recovered and made my life complete again I am able to go home at a normal time today. Again, thank you.

Leave a Reply to Mr T Cancel reply