If you experience that your inventory sync of VMware Identity Manager Services fails with vRealize Suite Lifecycle Manager, or you are trying to add a new product such as vRealize Automation (vRA) and the install fails, or maybe your local user within System Directory password is lost or expired and you don’t have an SMTP configured or maybe it is simply forbidden in your environment or dark site, don’t worry because there’s a simple solution how to reset your local user password and that’s the VMware Identity Manager Rest API. You can find following VMware KB83586 where is a similar process explained, but I will use Postman for those API calls.
First of all download and install Postman, it’s free.
Now, login into Workspace ONE or VMware Identity Manager Admin Console to configure vIDM to use the OAuth2 token. Click on the Catalog and select Settings.
Click Remote App Access and choose Create Client.
Select Service Access Token from the dropdown menu, and type in Client ID (eg., Postman), expand Advanced, and click on Generate Shared Secret. Click on Add. You can also determine for how long are your bearer tokens valid (see TTL columns).
Now, start the Postman and open a new tab. Choose Authorization and select OAuth 2.0 as the type. Click on Get New Access Token:
now type in Token Name (e.g., vIDM), choose Client Credentials for Grant Type. Under Access Token URL enter https://yourIDMurl/SAAS/auth/oauthtoken and fill in your Client ID and your Client Secret (check your vIDM OAuth 2.0 Client in vIDM). Under Scope enter admin and choose Client Authentication -> Send as Basic Auth Header. Click Request Token.
and your token will be created, now click on Use Token:
Now you are all set to use vIDM Rest API.
In your Postman tab select GET as HTTP Method and enter the following URL:
https://yourIDMurl/SAAS/jersey/manager/api/scim/Users?filter=username%20eq%20%22yourUser%22
Replace yourUser with a username you want to reset the password. Click on Send.
This call will return a set of attributes for that user and you can find below your User ID. If everything is fine you will also get Status: 200 OK.
In your Postman tab select PATCH as HTTP Method and enter the following URL:
https://yourIDMurl/SAAS/jersey/manager/api/scim/Users/UserID
Replace User ID with a ID you found with GET request. Now click on Body and choose RAW and enter the following piece of code with your new password within.
{ “password”: “MyNewPassword01!” }
Click on Send.
This will update the local user password in vIDM and return Status: 204 No Content.
That’s it, your local user will be able to log in again or you can retry with your install or sync process in vRealize Lifecycle Manager (vRSLCM) and it will work now.