Vblock® Systems Password Management

www.vce.
com
Vblock Systems
Password Management
Version 1.0
June 2015
Vblock Systems Password Management
Revision history
Revision history
Date
Document revision
Description of changes
May 2015
1.0
Initial release
2015 VCE Company, LLC.
All Rights Reserved.
Contents
Contents
Introduction................................................................................................................................................. 4
Accessing VCE documentation.................................................................................................................5
Compute and networking...........................................................................................................................6
Modifying the Cisco CIMC password..................................................................................................... 6
Modifying the Cisco Nexus, Cisco IOS, and Cisco MDS password....................................................... 6
Modifying the Cisco UCS password....................................................................................................... 7
Changing the password using the Cisco UCS Manager GUI.......................................................... 7
Changing the password using the Cisco UCS Manager CLI........................................................... 7
Storage.........................................................................................................................................................9
Modifying the EMC VNX password........................................................................................................ 9
Modifying the EMC NAS storage Control Station password.................................................................. 9
Modifying the EMC VNXe password.................................................................................................... 10
Modifying the EMC VMAX password................................................................................................... 11
Modifying the EMC XtremIO storage management password............................................................. 11
Management..............................................................................................................................................13
Changing a VMware ESXi host root password.................................................................................... 13
Changing the password using VMware vSphere Client.................................................................13
Changing the password using the ESXi shell command............................................................... 14
Changing the password using the ESXi host System Customization menu.................................. 14
Modifying the VMware vCenter Server Single Sign On password....................................................... 14
Changing virtual machine operating system administrative passwords............................................... 15
Changing the server administrator password in Windows 2008 R2.............................................. 15
Changing the server administrator password in Windows 2012.................................................... 16
Changing the Ionix Unified Infrastructure Manager Provisioning Center (UIM/P) password................16
VCE Vision Intelligent Operations credentials....................................................................................17
Changing the default password for user root....................................................................................... 17
Changing the password for the vision-integration user........................................................................ 17
Changing the Central Authentication Service (CAS) password for the admin user............................. 18
Updating VCE Vision software access credentials for Vblock System components............................ 20
Introduction
Introduction
This document contains instructions for modifying the default administrator and/or root accounts and
passwords for Vblock System components.

Default accounts and passwords are configured by the vendor or during the initial Vblock System
manufacturing build. Such accounts and passwords, if not changed, could be used to compromise the
system in production. Modifying the default passwords enhances customer security and facilitates
handing over credentials modification from VCE manufacturing to the customer.
The target audience for this document includes VCE solution engineers, field consultants, advanced
services specialists, and customer Vblock System administrators.
To suggest documentation changes and provide feedback on this document, send an email to
docfeedback@vce.com. Include the name of the topic to which your feedback applies.
Accessing VCE documentation
Accessing VCE documentation

Select the documentation resource that applies to your role.
Role
Resource
Customer
support.vce.com
A valid username and password are required. Click VCE Download Center to access the
technical documentation.
VCE Partner
partner.vce.com
A valid username and password are required.
Cisco, EMC, VCE, or

VMware employee
portal.vce.com
VCE employee
sales.vce.com/saleslibrary
or
vblockproductdocs.ent.vce.com
Compute and networking
Modifying the Cisco CIMC password

Use this procedure to change the default passwords for local accounts on the Cisco Integrated
Management Controller (CIMC).
Before you begin
Make sure you have access to the Cisco CIMC. Open a browser and navigate to the IP address of the
CIMC.
Procedure
1
On the Admin tab, select User Management.
Select the Local User tab.
Double-click the local user admin account.
In the User Details dialog box:

a
Select the Change Password checkbox.
Type the new password in the New Password and Confirm New Password fields.
Click Save Changes.
Modifying the Cisco Nexus, Cisco IOS, and Cisco MDS

password
If user accounts are locally managed, use this procedure to change the default network administrator
password for admin user.
About this task
This procedure applies to the Cisco Nexus 3000, Nexus 9000, Nexus 1000V, Catalyst 3000, and MDS
series switches.
Procedure
1
Use an SSH session to connect to the management IP of the switch containing the admin
account.
Assign a new network administrator password. To do this, type: configure terminal.
Type: username admin password new password.
Type: exit.
Save the configuration by typing: copy running config startup-config.
Modifying the Cisco UCS password

Use this procedure to change the administrator password for Cisco UCS Manager.
Change the password using the Cisco UCS Manager GUI or CLI.
Changing the password using the Cisco UCS Manager GUI

Before you begin
Log in to Cisco UCS Manager.
Procedure
1
Click the Admin tab. Under All, select User Management > User Services > Locally
Authenticate Users > admin.
In the right pane, click the General tab.
Type the new password in both the Password and Confirm Password text boxes.
Click Save Changes.
Changing the password using the Cisco UCS Manager CLI

Before you begin
Use an SSH session to connect to the IP address of the fabric interconnect containing the admin user
account.
Procedure
1
To change the password, set the security mode. To do this, type:

admin
scope security
The following is an example:
login as: admin
Vblock-UCS-1# scope security
Enter the new password and then confirm it. To do this, type: set password. Type a new
password and confirm it.
The following is an example:
Vblock-UCS-1 /security # set password
Enter new password:
Confirm new password:
Commit the transaction. To do this, type: commit buffer.
Storage
Storage
Modifying the EMC VNX password

Use this procedure to change the default password for the global domain account.
Before you begin
Log in to EMC Unisphere.
Procedure
1
From the All Systems window, select Domains.
Select Manage Global Users.
Under Users, select sysadmin. Click Modify.
In the Modify Global User dialog box, change the password.
Modifying the EMC NAS storage Control Station password

Use this procedure on each array to change the default nasadmin and root (local account) password.
Before you begin
Log in to EMC Unisphere with sysadmin (global account).
Procedure
1
Perform the following on each array:

a
Select the array.
Select Settings > Security > Local Users for File

Note: You can also change global accounts here.
Select nasadmin and click Properties.
Change the password.
Select root and click Properties.
f
2
Storage
Change the password.
Verify the passwords:

a
Log in to the active Control Station as nasadmin.
Type su and verify the root password.
Switch to the standby Control Station, which is still using the original local account passwords.
a
While still logged in to the active Control Station with root privileges, type the following
command: /nas/sbin/cs_standby -failover
This synchronizes the control stations, reboots the active Control Station, and activates the
standby Control Station. Note that, as part of the out-of-band communication and without an
active Control Station online:
In-band (production) data is not disrupted
Data move failover cannot occur
Auto-extension of file systems will not occur
Scheduled checkpoints will not occur
Replication sessions might be disrupted
Log in to the active Control Station (the previous standby Control Station).
Verify the new nasadmin password.
Type su and verify the root password.
Failback to the original primary Control Station. To do this, type: /nas/sbin/cs_standby

-failover
Modifying the EMC VNXe password

Use this procedure to change the default password for the administrator and service accounts.
Before you begin
Log in to EMC Unisphere.
Procedure
1
To change the admin account password, select Settings > More Configuration > Manage
Administration.
10
Storage
Select admin and click Reset Password.
Enter and confirm the new password.
To change the service account password, select Settings > Service System. Click Change
Service Password.
Note that you can also use either of the following methods to change the password:
Click Execute service action
From an SSH session, type the following command: svc_service_password
Modifying the EMC VMAX password

Use this procedure to change the default EMC VMAX password.
Before you begin
Log in to EMC Unisphere for VMAX with smc user credentials.
Procedure
1
Select All Symmetrix > Home > Administration > Security > Local User.
Select smc user and click Change Password.
In the Change Password dialog box:

a
Enter the Current Password.
Click OK.
Modifying the EMC XtremIO storage management password

Use this procedure to change the default administrator password for EMC XtremIO.
Before you begin
Log in to the XtremIO GUI utility.
Procedure
1
Select Administration. On the Security tab, select Users Administration.
11
Storage
In the Users Administration pane, highlight the user for which you want to modify the password
and click Edit.
In the Edit dialog box, enter and confirm the new password.
Click OK.
12
Management
Management
Changing a VMware ESXi host root password

For security reasons it might be necessary to change the password for the root user on a VMware ESXi
host after installation.
Use any of the following methods to change the root password for the VMware ESXi host:
vSphere Client
ESXi shell command
ESXi host System Customization menu
Changing the password using VMware vSphere Client

Before you begin
Log in to the ESXi host service console as root user.
Procedure
1
Log in to VMware vSphere Client.
Select Home > Inventory.
In the left pane, select the ESXi server name or IP address. Tabs for the server appear in the
right pane.
Select the Local Users & Groups tab.
Double-click the root user.
Select the Change password checkbox.
In the Edit User - root dialog box, enter and confirm a new password.
Click OK.
13
Management
Changing the password using the ESXi shell command

Before you begin
You can also acquire root privileges by executing the su command.
Procedure
1
When prompted enter the current password.
To change the root password, type: passwd root.
Enter the new root password. Press Enter.
Verify the password by entering it again.
Changing the password using the ESXi host System Customization

menu
Before you begin
You can also acquire root privileges by executing the su command.
Procedure
1
From the System Customization menu of the ESXi host, use the keyboard arrows to select
Configure Password. Press Enter.
In the Configure Password dialog box, fill in the required fields to change the password:
a
Enter the Old Password of the ESXi host.
Enter the new root password in the New Password field. Re-enter it in the Confirm
Password field.
Press Enter.
Modifying the VMware vCenter Server Single Sign On

password
Use this procedure to change the default password for the VMware vCenter Single Sign On administrator
account.
14
Management
Before you begin

Log in to the VMware vSphere web client and connect to vCenter.
Access the web client using either of the following methods:
Open the browser and type the following URL: https://vcenterlp:9443/vsphere-client
From the Start menu, choose All Programs > VMware > VMware vSphere Webclient.
Procedure
1
In the left pane, select Administration.
Under Administration, select SSO Users and Groups. The admin user displays in the right pane.
In the Users tab, right-click the admin user.
In the admin Edit dialog box, set and confirm the password for the admin user account. Be sure to
use a strong password as the system validates the password before accepting it.
Click OK.
Changing virtual machine operating system administrative

passwords
Use this procedure to change the virtual machine operating system server administrator password in
Windows 2008 R2 and Windows 2012.
Changing the server administrator password in Windows 2008 R2

Use this procedure to change the server administrator password in a Windows 2008 R2 environment.
Procedure
1
Log in to the server using the Administrator account.
From the Start menu, select Control Panel > User Accounts > User Accounts.
Under Make changes to your user account, select Change your password.
Type your password in Current password.
In New password, type a new password.
Retype the password in Confirm new password.
15
Management
In Type a password hint, provide a word or phrase to remind you of your password. This is
optional.
Click Change password.
Changing the server administrator password in Windows 2012

Use this procedure to change the server administrator password in a Windows 2012 environment.
Procedure
1
Log in to the server using Remote Desktop.
Press the Windows key. Type Administrative tools.
Double-click Computer Management.
Expand Local Users and Groups. Select Users.
Right-click Administrator and choose Set Password.
Click Proceed.
Click OK.
Changing the Ionix Unified Infrastructure Manager

Provisioning Center (UIM/P) password
Use this procedure to change the sysadmin account password in Ionix Unified Infrastructure Manager
(UIM).
Procedure
1
Launch Configuration Center from within UIM. Locate the launch link in the top-right corner of
UIM, third icon from the right (next to the logout button).
From Configuration Center, choose UI Control > Change Password.
16
VCE Vision Intelligent Operations credentials

Managing credentials involves changing the default passwords for VCE Vision Intelligent Operations to
comply with your organization's security policies. It also involves changing access credentials for Vblock
System components.
Changing the default password for the root user

The VCE Vision virtual machine runs on CentOS Linux and has a root user. You should change the
default password for the root user when you first start using VCE Vision software.
Before you begin
Connect to the VCE Vision virtual machine.
Procedure
1
Run passwd.
Enter and then confirm the new password for the root user when prompted. The following is
example output for a successful password change:
[root@hostname ~]# passwd
Changing password for user root.
New password:
Retype new password:
passwd: all authentication tokens updated successfully
What to do next
You can optionally specify a password aging policy with the chage command. Run chage -h to view
help usage.
Changing the password for the vision-integration user

The vision-integration user authenticates REST API calls internally to the VCE Vision virtual machine to
facilitate integration between some services. The default password is a complex, encrypted string that
does not need to be known. However, you can change the default password by providing the password
for the CAS admin user using a built-in script.
About this task
If you change the password for the vision-integration user, VCE Vision software also updates the
password in the necessary properties file.
17
Before you begin
Determine a new password, understanding that the CAS password:
Is case sensitive.
Must be between 8 and 20 characters in length.
Must include one uppercase letter, one digit, and one special character.
Cannot contain any of the following special characters: \ / % + ' " ( ) ; : < > |
Connect to the VCE Vision virtual machine
Procedure
1
Run /opt/vce/fm/bin/integrationChangepw.sh.
The following message displays:
Warning: This script will restart Asset Manager service.
Please ensure that a maintenance window has been scheduled,
and there is no active upgrade session going on.
Do you want to continue ([y/n])?
Enter y to continue. The script then prompts you with the following:
Please enter current admin password:
Enter the current Central Authentication Service (CAS) administrator password.
Enter the new password for the vision-integration user and then confirm it when prompted.
The script restarts the tomcat-asset-mgr service and displays the following message:
CAS password has been changed for vision-integration user.
Changing the Central Authentication Service (CAS) password

for the admin user
VCE Vision software uses a Central Authentication Service (CAS) for authentication to web services. As a
best practice, you should change the default password for the admin user, which has full administrator
privileges.
18
About this task

Changing the CAS password involves running a script on the VCE Vision virtual machine that updates the
password, encrypts it, and then saves it internally. After this password is changed, any client applications
that are configured with it will also need to be updated, including the Plug-in for vCenter and Adapter for
vCenter Operations Manager.
Before you begin
Determine a new password, understanding that the CAS password:
Is case sensitive.
Must be between 8 and 20 characters in length.
Must include one uppercase letter, one digit, and one special character.
Cannot contain any of the following special characters: \ / % + ' " ( ) ; : < > |
Connect to the VCE Vision virtual machine
Procedure
1
Run /opt/vce/fm/bin/slibCasChangepw.sh
The script prompts you with the following message:
Warning: This script will restart JBoss, Vision FM Agent and other services.
Please ensure that a maintenance window has been scheduled,
and there is no active upgrade session going on.
Do you want to continue ([y/n])?
Enter y to continue. The script then prompts you with the following:
Please enter current admin password:
Enter the current password for the admin user and then confirm it when prompted.
The script restarts services and displays the following message:
CAS password has been changed for admin user.
Please update vCenter plugin Administration Settings and any other client applications
using this password.
19
Updating VCE Vision software access credentials for Vblock

System components
VCE Vision software retrieves credentials from the vblock.xml file to connect to the Vblock System
components. In this way, VCE Vision software can access the components for discovery and health
polling. If the credentials to access a Vblock System component change, you must update the
vblock.xml file to reflect that change.
Before you begin
Verify the access credentials for the component.
Verify the configuration file where VCE Vision software retrieves the credentials, if not the default
vblock.xml.
Connect to the VCE Vision virtual machine.
Procedure
1
Run cd /opt/vce/fm/bin.
Run configTool.sh.
The script prompts you with the following:
Press Enter to display the list of available templates, or Enter the full path of an
existing vblock.xml file:
[/opt/vce/fm/conf/template] :
Enter the full path of the existing vblock.xml file you are modifying.
The default path is as follows: /opt/vce/fm/conf/.
The script prompts you to select a vblock.xml file, as follows:
(1)
vblock.xml
Enter the number that corresponds to the system you are configuring ['0' to specify
new file or directory]:
Enter 1 to continue.
The script displays the following message: Loaded: /opt/vce/fm/conf/vblock.xml
20
Follow the prompts and make any changes to the attribute information for the Vblock System.
Refer to Configuring the vblock.xml file in the VCE Vision Intelligent Operations Installation Guide
for information about each prompt and the attribute information you can enter. When you finished
making changes, the script starts the validation process.
If the validation is successful, the script displays the following message:

No validation errors on current Vblocks object tree.
If the validation is not successful, verify the information and modify the vblock.xml file as
required.
After validation is complete, the script prompts you with the following:
Enter a filename or Press Enter to save in [/opt/vce/fm/conf/vblock.xml] :
Press Enter.
The script prompts you with the following:
File exists would you like to overwrite (y/n)?
Enter y. The script displays the following message:

Saved to: /opt/vce/fm/conf/vblock.xml
Related information
Accessing VCE documentation (see page 5)
21
www.vce.com
About VCE
VCE accelerates the adoption of converged infrastructure and cloud-based computing models that dramatically reduce the
cost of IT while improving time to market for enterprises and service providers globally. Through its leading Vblock
Systems, VCE delivers the industry's only true converged infrastructure, leveraging Cisco compute and network
technology, EMC storage and data protection, and VMware virtualization and virtualization management. VCE solutions
are available through an extensive partner network and cover horizontal applications, vertical industry offerings and
application development environments, enabling customers to focus on business innovation instead of integrating,
validating, and managing IT infrastructure.
For more information, go to http://www.vce.com.
2015 VCE Company, LLC. All rights reserved. VCE, Vblock, VCE Vision, and the VCE logo are registered trademarks or
trademarks of VCE Company, LLC. and/or its affiliates in the United States or other countries. All other trademarks used
herein are the property of their respective owners.
22

Vblock® Systems Password Management

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Vblock® Systems Password Management

Uploaded by

Copyright:

Available Formats

www.vce.

Vblock Systems Password Management

2015 VCE Company, LLC.

All Rights Reserved.

Vblock Systems Password Management

2015 VCE Company, LLC.

All Rights Reserved.

Vblock Systems Password Management

passwords for Vblock System components.

2015 VCE Company, LLC.

All Rights Reserved.

Vblock Systems Password Management

Accessing VCE documentation

Accessing VCE documentation

Cisco, EMC, VCE, or

2015 VCE Company, LLC.

All Rights Reserved.

Vblock Systems Password Management

Compute and networking

Compute and networking

Modifying the Cisco CIMC password

On the Admin tab, select User Management.

Select the Local User tab.

Double-click the local user admin account.

In the User Details dialog box:

Select the Change Password checkbox.

Click Save Changes.

Modifying the Cisco Nexus, Cisco IOS, and Cisco MDS

2015 VCE Company, LLC.

All Rights Reserved.

Vblock Systems Password Management

Compute and networking

Assign a new network administrator password. To do this, type: configure terminal.

Type: username admin password new password.

Save the configuration by typing: copy running config startup-config.

Modifying the Cisco UCS password

Changing the password using the Cisco UCS Manager GUI

In the right pane, click the General tab.

Click Save Changes.

Changing the password using the Cisco UCS Manager CLI

2015 VCE Company, LLC.

All Rights Reserved.

Vblock Systems Password Management

Compute and networking

To change the password, set the security mode. To do this, type:

Commit the transaction. To do this, type: commit buffer.

2015 VCE Company, LLC.

All Rights Reserved.

Vblock Systems Password Management

Modifying the EMC VNX password

From the All Systems window, select Domains.

Select Manage Global Users.

Under Users, select sysadmin. Click Modify.

In the Modify Global User dialog box, change the password.

Modifying the EMC NAS storage Control Station password

Perform the following on each array:

Select the array.

Select Settings > Security > Local Users for File

Select nasadmin and click Properties.

Change the password.

Select root and click Properties.

2015 VCE Company, LLC.

All Rights Reserved.

Vblock Systems Password Management