A colleague of my, had some troubles making an API call to the NSX-T Managers in a particular site.
Looking closer into vRA we saw the following message:
So we decided to log into one of the NSX-T managers, and we directly saw the following:
Since the password was expired, we were asked to change it during login. However, the NSX-T managers are part of a vCF cluster. So the best way to change this is through the SDDC-Manager, if that’s what we wanted. There was no reason for us to change the password, besides the fact that it had expired. But for our environment we wanted to everything to stay the same. So in this case we changed the password back to the original password with the paswd command, and wanted to remove the password expiration timer.
Now the best way to do this is by using the official VMware documentation, instead of doing it on the Linux way. For this we used the following documentation.
For vRA and other services being able to keep running, we removed the password expiration for the following accounts:
Root, admin & audit.
To remove this, first SSH to the NSX-T Manager and login with root.
Then change the login to the user admin. Make sure you’re using the shell as admin, since root will not be able to use the upcoming commands. You can change the user with:
su admin
Then check the password expiration policy with the command:
get user admin password-expiration
Most likely this is set to 90 days, which is the default policy after deploying NSX-T.
Now to remove the password expiration policy, use the command:
clear user admin password-expiration
Do this for all 3 standard users (root, admin, audit).
Check if the password expiration policy has been removed by repeating the command:
get user admin password-expiration
If everything is alright you should see the following.
I hope this was helpful.
If by any chance you want to change the password policy expiration-time to a different aging policy, you can do that for example with the command:
set user admin password-expiration 120
Which of course can be dan per user.
With the set command you can also change the user password:
set user admin
Alright, let me know if this was of any value for you.
Samir is the author of vSAM.Pro & a Life enthusiast who works as a consultant in the field of IT. With a great passion for Tech & Personal Development, he loves to help people with their problems, but also inspire them with a positive outlook on life.
Besides that, he is also a big Sport & Music junky that loves to spend a big chunk of his time on producing music or physically stretching himself.
