vRealize Log Insight reset password / Unlock Admin account

Last week i got into a pickle where i couldn’t login to vRealize Log Insight (vRLI).

I got the rather generic “Incorrect Username/Password”, and i was pretty sure i had remembered the password correctly. Turns out that vRLI’s admin password is stored in the Cassandra database, and the error for “wrong password” and “Admin account locked”.. is the same.

These are the steps required to either reset the admin password, which will help you gain access if you havn’t locked the admin account.

1. SSH into one of the vLRI nodes using the root user.
2. run the command li-reset-admin-passwd.sh

This will generate a new password for the admin account.

If you still can’t login your admin account is most likely locked, and you will need to modify the Cassandra database, don’t worry, it’s not that hard.

1. SSH into one of the vRLI nodes using the root user.
2. Retrieve the Cassandra password by running /usr/lib/loginsight/application/lib/apache-cassandra-*/bin/credentials-look-up This will output your password for lisuper user.
   <cassandra-user value=”lisuper”/>
   <cassandra-password value=”YOURPASSWORD”/>
3. Login using /usr/lib/loginsight/application/lib/apache-cassandra-*/bin/cqlsh -u lisuper –cqlshrc=/storage/core/loginsight/cidata/cassandra/config/cqlshrc
4. Enter the cassandra-password when asked, you could use -p in the above command however if your password includes certain special chars this doesn’t work.
5. Your now in the Cassandra CLI and need to change to the correct database, USE logdb;
6. Now we want to list all users and see if the account is locked, SELECT * from users;
7. If the “status” field shows “2” for the admin account, then it’s locked.
8. To unlock the account, UPDATE user SET status=1 WHERE id=xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx;
9. Verify that the account is unlocked by running, SELECT * from users; again.
10. to logout write quit;

If your admin account keeps locking itself, try to find integration that uses the admin account that may have the wrong password stored (sddc-manager, vRealize Suite Lifecycle Manager, etc), or find your colleague who keeps trying to login with the same password.