How to Unlock ESXi hosts – you can not login at all

The root account of the ESXi hosts can be locked due to many failed login attempts. In this instance, you will not be able to connect to the host via web GUI or SSH. This can be due to many reasons, such as expired credentials / Brute force attacks and can cause Monitoring systems. Most of the time, I ended up with monitoring system related issues.

So, today we will look at the resolution steps.

There are requirements to be checked in advance following the below steps

Need physical console access or DCUI access (either using the iLO/iDRAC console)

The steps are as below (commands are in Italic and Bold)

1. Login to the DCUI console with the root credentials (do not worry you can access)

2. Enable SSH and shell access under the “Troubleshoot options”

3. Go to view logs and select syslogs and find the causing IP address

4. Then come back to DCUI main menu and press Alt + F1 to get the console

5. Execute the command pam_tally2 –user root to check how many failures and to identify the causing the IP address (in my case, the IP address of the monitoring system)

6. If you are confident on the source IP, you may unlock the root account by executing the pam_tally2 –user root –reset command

7. Just monitor for 15 minutes, if you notice re occurring failed attempts, you will have to change the IP or Power off the source (which we identified in step 3 & 5)

8. If you don’t notice any issues, you are good to go.

Bulk Upgrade VMware Tools – the manual way

VMware tools is something that significantly increase the performance of the VMs. Most of the time we tend to ignore VM tool upgrade even after ESXi host upgrades. This VM tools upgrade would be challenging if the VM count is too high, in that case we can not upgrade one VM at a time. In that case, we might need to use the batch/bulk upgrades.

In order to do bulk upgrades, we can use 2 different methods.

  1. Bulk Manual way
  2. Power CLI batch upgrade

Today, we are going to look at the Bulk Manual way

Step 01: Access the vSphere or vCenter web console and go the relevant host or cluster resource

Step 02: Go to “VMs and Templates” and click on the folder containing your VMs.

Step 03: click on the “Virtual Machines” tab. For the vSphere Web Client, click on the “Related Objects” tab and then “Virtual Machines”.

Step 04: (since you can’t do a multiple select in the left pane), click on one of the VMs you’d like to upgrade, hold Ctrl and then start clicking the other VMs.

Step 05: Now right-click on one of the VMs, then “Guest” (“Guest OS” in the Web Client), and then Install/Upgrade VMware Tools. Once the “Install/Upgrade VMware Tools” screen pops up, paste the following in the “Advanced Options” and click OK or Continue

/S /v”/qn REBOOT=R”

(this command line switch will do the silent installation without a reboot, but in order to complete the installation, a reboot is mandatory at a later maintenance window)