Avoid password expiry on NSX managers and edges
From Notes_Wiki
Home > VMWare platform > VMWare NSX > Avoid password expiry on NSX managers and edges
Increase no of days to password expiry
To avoid automatic password expiry for root, audit and admin users on both NSX manager and Edges use:
- SSH to manager using individual IP (not cluster IP) using admin credentials
- Run following commands to prevent password-expiration for the three accounts:
- set user admin password-expiration 9999
- set user audit password-expiration 9999
- set user root password-expiration 9999
- Setting value to 9999 might be better then disabling password expiry all together as some checks might require password expiry to be enabled.
- Validate settings have taken effect:
- get user admin password-expiration
- get user audit password-expiration
- get user root password-expiration
- Do the same for the Edges
Reset admin or audit passowrd
If root password is expired we can still login into console with old expired password. Immediately after login we would be forced to change the expired password.
Root password can be reset, if forgotten, as explained at:
If we have working root password and we want to reset audit/admin password then:
- Login into NSX manager (Any one)
- Run:
- /etc/init.d/nsx-mp-api-server stop
- passwd admin
- passwd audit
- touch /var/vmware/nsx/reset_cluster_credentials
- /etc/init.d/nsx-mp-api-server start
- Then also do
- su - admin
- set user admin password
- <Enter old and new passwords. Here old password is the one set in above steps>
- Reboot at least one of the three network managers
- shutdown -r now
- After network manager finishes rebooting, try the web login in a Incognito browser
Home > VMWare platform > VMWare NSX > Avoid password expiry on NSX managers and edges