How To Reset oVirt/RHEV admin user password

Posted on 147 views

A default user with the system-wide SuperUser role is created during the installation of oVirt / RHEV. A command line tool called ovirt-aaa-jdbc-tool can be used to manage local user accounts on the internal domain post installation. Any changes made through ovirt-aaa-jdbc-tool will take effect immediately and there is no need to restart the ovirt-engine service. This walkthrough guide will help you to reset admin user password on a local domain in oVirt/RHEV virtualization environment.

Let’s first view admin user account information before attempting password reset;

[[email protected] ~]$ sudo ovirt-aaa-jdbc-tool user show admin
-- User admin(d2cd1649-16b8-4d9c-a4c5-2825cb31a5e7) --
Namespace: *
Name: admin
ID: d2cd1649-16b8-4d9c-a4c5-2825cb31a5e7
Display Name:
Email: [email protected]
First Name: admin
Last Name:
Department:
Title:
Description:
Account Disabled: false
Account Locked: false
Account Unlocked At: 1970-01-01 00:00:00Z
Account Valid From: 2022-01-09 00:09:42Z
Account Valid To: 2222-01-09 00:09:42Z
Account Without Password: false
Last successful Login At: 2022-01-22 19:28:12Z
Last unsuccessful Login At: 1970-01-01 00:00:00Z
Password Valid To: 2221-11-22 00:09:45Z

We shall use the ovirt-aaa-jdbc-tool tool to reset the password of the internal administrative user ([email protected]). The new password to be assigned this user needs to meet the following policy requirements:

  • Password must have a minimum of 6 characters.
  • The new password used cannot be one of the three previous passwords used.

The command syntax for resetting admin user password is:

$ sudo ovirt-aaa-jdbc-tool user password-reset username --password-valid-to="yyyy-MM-dd HH:mm:ssX"

A value for --password-valid-to must be set, otherwise the password expiry time defaults to the current time. The date format is as shared in command syntax yyyy-MM-dd HH:mm:ssX

In the following command we change the [email protected] user password and set password validity to 2035-12-31 12:00:00Z.

[[email protected] ~]$ sudo ovirt-aaa-jdbc-tool user password-reset admin --password-valid-to="2035-12-31 12:00:00Z"

Input and confirm new password as prompted:

Password: 
Reenter password: 
updating user admin...
user updated successfully

In the used example, in date format stands for UTC time. You can view user new details after reset:

[[email protected] ~]$ sudo ovirt-aaa-jdbc-tool user show admin
-- User admin(d2cd1649-16b8-4d9c-a4c5-2825cb31a5e7) --
Namespace: *
Name: admin
ID: d2cd1649-16b8-4d9c-a4c5-2825cb31a5e7
Display Name:
Email: [email protected]
First Name: admin
Last Name:
Department:
Title:
Description:
Account Disabled: false
Account Locked: false
Account Unlocked At: 1970-01-01 00:00:00Z
Account Valid From: 2022-01-09 00:09:42Z
Account Valid To: 2222-01-09 00:09:42Z
Account Without Password: false
Last successful Login At: 2022-01-22 19:28:12Z
Last unsuccessful Login At: 2022-01-21 10:58:26Z
Password Valid To: 2035-12-31 12:00:00Z

Unlocking admin user account

If you have had attempted to login to oVirt / RHEV Administration Portal too many times with the wrong password, then the admin user account may be locked.

The following command is used to unlock admin user account:

[[email protected] ~]$ sudo ovirt-aaa-jdbc-tool user unlock admin

We have learned how to reset local domain admin user password in oVirt / RHEV environment.

coffee

Gravatar Image
A systems engineer with excellent skills in systems administration, cloud computing, systems deployment, virtualization, containers, and a certified ethical hacker.