vShield Manager CLI password change

This just seems nonsensical to me. Apparently, you cannot change user passwords via CLI in vShield Manager 5.1.2, but you have to go through the rigmarole of removing and recreating accounts. Specifically, I needed to change password for admin account.

Moreover, CLI admin account is separate entity from admin account used in conjunction with web interface!

So, first create a temporary admin account and log out:

manager# config t
manager(config)# user tempadmin password plaintext pass1
manager(config)# exit
manager# write mem
Building Configuration...
Configuration saved.
[OK]
manager# exit

Then log back in using tempadmin account, delete admin account and re-create it using desired password:

manager# config t
manager(config)# no user admin
manager(config)# user admin password plaintext pass2
manager(config)# exit
manager# write mem
Building Configuration...
Configuration saved.
[OK]
manager#

…and finally, logout as tempadmin, log back in as admin and remove tempadmin account:

manager# config t
manager(config)# no user tempadmin
manager(config)# exit
manager# write mem
Building Configuration...
Configuration saved.
[OK]
manager#

More on this is here… And yes, article recommends removing admin completely.

Posted on June 30, 2013 at 10:31 by somedude · Permalink
In: virtualization, vmware, vshield

2 Responses

Subscribe to comments via RSS

  1. Written by Gene
    on March 12, 2014 at 20:49
    Reply · Permalink

    Excellent posting. You may want to reference the VMware KB article 2064079 “Securing vShield CLI user accounts and the privileged mode”

    Also, the admin CLI password is different from the CLI “enable” command password. The KB article describes how to change the enable command password too.

  2. Written by alireza
    on March 7, 2016 at 15:53
    Reply · Permalink

    best recommand : pass change 4 web interface and then cli 😀

Subscribe to comments via RSS

Leave a Reply