cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

CLI root Password Recovery Process for Prime Infrastructure (PI) on Virtual Appliances

2717
Views
5
Helpful
3
Comments

Hi Folks, greetings.

We had a problem a few days ago, and I would like to share its solution with the community. So, if someone else is facing the same problem, it may be very handy.

Version information of installed applications
=================================
Cisco Prime Infrastructure
********************************************************
Version : 3.1.0
Build : 3.1.0.0.132
Running on Virtual Appliance.
********************************************************
The customer set the shell password, but when the TAC engineer needed to use it, he had forgotten what password was set.
After a quick search, we found the document "CLI Root User Password Recovery Process for Prime Infrastructure (PI) on Virtual Appliances", on http://www.cisco.com/c/en/us/support/docs/cloud-systems-management/prime-infrastructure/200760-CLI-Root-User-Password-Recovery-Process.html.

Regarding the referred document, for the sake of simplicity, I will show only the steps 5 and 6.

As outlined in the document:

Step 5. Change root to the PI install location with the help of command: # chroot /mnt/sysimage.
Step 6. Move /storeddata/rootpatchpw with the help of command: #mv /storeddata/rootpatchpw /root/. ==> In our case, This didn't work, since the file could not be found under /storeddata folder, as can be seen bellow:

bash-4.1# ls -l /storeddata/
drwxr-xr-x. 3 root root  4096 Apr 17 13:41 Installed
drwxr-xr-x. 2 root root  4096 Apr 17 13:41 Installing
drwxr-xr-x. 3 root root  4096 Apr 17 13:41 Manifest
drw-r--r--. 2 root root  4096 Apr 17 13:41 ToInstall
drwx------. 2 root root 16384 Apr 11  2016 lost+found

Instead, I managed to find the file under the /storedconfig folder, as bellow:

bash-4.1# ls -l /storedconfig/
lrwxrwxrwx. 1 root root      39 Apr 19 11:30 active -> /storedconfig/startup-config-1492612224
drwxr-xr-x. 3 root root    1024 Apr 17 12:16 fixed
drwx------. 2 root root   12288 Apr 11  2016 lost+found
-rw-rw-rw-. 1 root gadmin    28 Apr 18 17:31 rootpatchpw
drwxr-xr-x. 3 root root    1024 Apr 19 11:30 startup-config-1492612224       

Thus, in our case, step 6 should have to be re-written as bellow:

Step 6. Move /storedconfig/rootpatchpw with the help of command: #mv /storedconfig/rootpatchpw /root/.

After proceeding as outlined above and following the remaining of the document, we were able to reset the password and have it recreated thereafter.

I have attached a PDF file containing a set of screenshots showing all the process up to the root password redefinition.

IMPORTANT NOTE:

By the way, by trying to edit the virtual appliance settings (refer to the attached PDF), you may receive the following message:

You cannot use the vSphere Client to edit ...

If that's the case, one may need to modify the hardware version of the VM.
To do so, you need to edit the VM definitions.

1 - Open the datastore location of the VM;
2 - Copy the VM settings file (.vmx file) to your workstation;
3 - Locate the entry virtualHW.version;
4 - Modify it to virtualHW.version = "8";
4 - Copy it back to the datastore;
5 - Right click on the VM and choose Remove from Inventory;
6 - In the VM datastore, right click on the vmx file and choose Add to Inventory.

Now you are able to edit the VM settings, as outlined on the PDF file.


The proposed workaround is not supported by VMWare, but I have used it a bunch of times and so far, never had a problem.

HTH.

Regards,

Alvaro Motta

AL

Comments
Beginner

Hello Guys

 

Please let me know if anyone know how to recover CLI root password on Physical Appliance on priority basis.

 

Thanks in advance.

 

Regards,

Irshad

Beginner

Hi to All,

 

@Alvaro Luiz Maia Motta are you confirm the user who wants to access the CLI on shell/root mode forgotten the password. try to enter the password 16-20 times if user is saying that this could be the password. because in my experience prime infra version 3.1 have the bug or security confirmation which accept the password in 16+ times. although the bug has been removed in higher version and updates 

 

@Irshad while irshad you must have to follow the above steps if doesnt work then installed new VM or contact to TAC to recover it :)

Beginner

While this article is helpful in that it shows that the Cisco document had incorrect syntax (not to mention, typos) it still did not help my situation, other than prompting me to do a google search on "rootpatchpw", which led me to this other Cisco Community Article, which ultimately DID solve my problem (Prime Infrastructure 3.1 stuck in a boot loop due to file system corruption):

 

NCS boot loop at ADE OS (VMDK Recovery)

 

I added quite a long note of my experience, as the original article is over 6 years old at the time of my posting.

 

Good luck!

CreatePlease to create content
Content for Community-Ad