In order to reset the vCenter Single Sign On Master Password running on a Windows server for the admin@system-domain user, you will need to have local admin access and SQL Server Management Studio installed. I initially tried using this method on VMWare’s website to reset via the command line, but got an error “ERROR: Failed to decrypt field com.rsa.db.user”. There is a workaround where you run a SQL command to reset the password to a known passphrase.
You will first need to open up the SQL Server Management Studio. Select the “VIM_SQLEXP” server name. Expand the Database folder tree, right click the RSA database and select “Tasks->Back up”. Backup the database to a local file. This is just in case the database somehow breaks when changing the password.
Copy the SQL command from this post.
https://communities.vmware.com/thread/428929?start=44
Run the Query in SQL Server Management Studio – RSA database. Once the query is successful, the admin@system-domain user password is now set to VMware1234!
To reset the password to something more secure, run the VMWare Web Client (https://MYSERVER:9443) with the new admin@system-domain credentials. After logging in, click on the “admin@system-domain” link on the top and select “Change Password”. Make sure it follows the proper password policies — 8 min characters, 1 special character, etc. Logout and your new password should work.
