I thought I share this quick tidbit about the VCSA (vCenter Server Appliance) default password for the vCenter SSO Administrator account as I was just asked about it today and this was something I had research just earlier in the week. In the Windows version of vCenter SSO installation, users are prompted during the install to select a password for this account, you might have seen it show up as admin@System-Domain. For the VCSA, vCenter SSO is already installed and you might be wondering what the default password is?

Well, the answer is “ there is no default password. During the installation process, there is a random password that is generated and once the installation is complete, the password is then immediately removed. This is a good thing from a security perspective, by not having a default password set. This account is not only a vCenter SSO Administrator but it also the only account that has access to the internal RSA IMS system. You should definitely go in and set a password for this account after setting up your VCSA which can only be done through the vSphere Web Client.

Here are the steps:

1. Click on the Administration tab on the left hand side of the vSphere Web Client navigation bar.

2. Next click on “SSO Users ad Groups” and you should see the admin user account.

3. Lastly, you just need to right click and edit the user or select the pencil icon and set a password for the admin user account. Be sure to use a strong password, as there is a password validation before the system accepts the change.

Big thanks goes out to Michael Haines for helping me track down this answer about the default (or not so default) password for the admin account on the VCSA.

5 thoughts on “Default Password for vCenter SSO Admin Account on VCSA

  1. Hi; nice article.

    I am baffled. If there is no password to login to the web client interface for admin@System-Domain, how does initially log into the web client at all?

    I’ve tried blank passwords and the root account’s password, but to no avail.

    My assumption is that I need to first get into SSO admin in order to assign rights to AD accounts, right?

    Thanks,

    Kim

    • @Kim,

      As mentioned in the article “During the installation process, there is a random password that is generated and once the installation is complete, the password is then immediately removed.”

      You don’t login as admin@System-Domain when you first login, you will login using root. From there you could add additional local SSO users OR connect to directory source such as openLDAP or AD and set the appropriate permissions for others to login.

  2. I have lost my access to vCenter and hosts when logging to Web Client with AD account. I see everything with Root, recking my brain“ My servers took a hard shutdown do to power outage.

Thanks for the comment!