Changing admin@system-domain Password Fails

It appears the master password for admin@system-domain had expired on an vSphere 5.1 SSO installation. This vCenter setup was installed as a "Simple Installation" which means vCenter, SSO and the Inventory Service are all installed on a single server.

First of all to reset the password you need to run the following commands (ensure the paths are correct beforehand)


SET JAVA_HOME=C:\Program Files\VMware\Infrastructure\jre
cd C:\Program Files\VMware\Infrastructure\SSOServer\ssolscli
ssopass -d https://FQDN_of_SSO_server:7444/lookupservice/sdk admin@system-domain

 

You will then be prompted for you current password (even if it has expired) and the new password. 

 

When I ran this command I got an error:

The provided current password for  user ‘admin’ is not valid
Return code is: InvalidCredentials
3

The KB ( 2035864 ) I took this from then suggested KB2060150 if that failed to work. This KB basically recommends setting the lifetime of the password from 365 days to another value. I chose 1041 days and checked it via the SSO.

 

sso1

 

This all looked ok but the admin@system-domain credentials still didn't work. What I didnt realise is that if you are already an adminsitrator (with a different username) you can change admin@system-domain password via the GUI. Luckily I had added the "VM administrators" group permissions to do this.

sso2

I was then able to reset the password.

 

sso3

 

I was then able to log in with the new admin@system-domain from the web portal.

Note: I was still unsure why the two KBs listed on the VMware website failed but as I was upgrading to 5.5 I wasn't too concerned