top of page

mscloudtechnology.com

Search

VCF Automation : Resetting and Remediating vRLI Admin Password via PowerShell & VCF API.

Milton Sarkar
5 days ago
2 min read

This PowerShell script is designed to automate the reset of the admin password on the primary vRLI node and remediate (update) the new credentials in the VMware Cloud Foundation (VCF) system.

Use Case:

This script is useful for:

VCF Admins resetting forgotten or expired vRLI admin passwords.
Ensuring VCF-managed credentials remain in sync after a manual or automated password reset.

You can download the script from GitHub:

https://github.com/miltonaece/mscloudtechnology/blob/main/VCFAutomation_resetAdminPassword-vRLI.ps1

Detailed Script Analysis:

1. Set Credentials for VCF Connection

The script begins by defining the vcf-report service account password, required to authenticate against the SDDC Manager API.

2. Authenticate with SDDC Manager

The script requests a VCF API token and establishes a connection to the VCF environment:

Request-VCFToken ...

connect-VcfSddcManagerServer ...

This step enables further PowerShell operations against VCF components.

3. Get vRLI Deployment Info

Using the get-vrliServerDetail command, the script fetches vRealize Log Insight (vRLI) cluster metadata:

$vRLIInfo = get-vrliServerDetail ...

It extracts the primary node FQDN (in this example, node3Fqdn) for SSH access.

4. Reset the vRLI Admin Password Over SSH

A remote SSH command is run against the vRLI primary node:

/usr/lib/loginsight/application/sbin/li-reset-admin-passwd.sh --resetAdminPassword

This command:

Resets the admin password.
Returns the new password to stdout.

The script uses regex to capture the new password securely from the SSH output.

5. Store and Output the New Password

If the reset is successful, the new password is extracted and displayed:

Write-Host "New Admin Password: $newPassword"

6. Re-authenticate with New Admin Credentials

A new password (Password!234) is used (note: possibly a hardcoded override). The script reconnects to SDDC Manager with the updated credentials.

8. Trigger VCF Credential Remediation

Final step — Update new admin password from SDDC Password management section.

It's demo time. Let's run the script.

SDDC connected successfully and obtained the access token:

Enter the root password for Primary vRLI:

In my case node A

The admin password has been reset:

Log in to the SDDC Manager and Remediate the vRLI admin user's password in the Password Management section.

You can monitor the progress from the task section. The task has been successfully completed.

You should now be able to log in to vRLI using the new admin user's password.

Recent Posts

VCF : Password management operation failed in pre-validation stage.

VCF : Password management operation failed in pre-validation stage.

VCF Automation: Verifying VMware Aria operations for logs (vRLI) Admin Status in a VCF Environment Using PowerShell & PowerVCF.

VCF Automation: Verifying VMware Aria operations for logs (vRLI) Admin Status in a VCF Environment Using PowerShell & PowerVCF.

Tips to help you pass the VMware VCP-VCF v5.2 Administrator exam

Tips to help you pass the VMware VCP-VCF v5.2 Administrator exam

Comments

bottom of page