Disable password expiry on SDDC Manager

From Notes_Wiki

Home > VMWare platform > vCloud Foundation > Disable password expiry on SDDC Manager

We should disable both root and vcf user password expiry on SDDC Manager via:

  1. Either SSH to SDDC manager and login as vcf user. Then use 'su -' and enter root password to get root shell
    OR open remote console for SDDC manager VM via vCenter. Login with root user and root password
  2. If vCenter root or SDDC manager root or SDDC manager vcf passwords expire internal automation may not work and we may not get the UI to SDDC manager working.
    See https://datareload.com/when-passwords-expire/
    Hence it is very important to disable password expirty for vCenter via Disable root password expiry on vCenter and NSX components via Avoid password expiry on NSX managers and edges along with disabling it for SDDC manager as explained below
  3. To disable password expiry for root and vcf use: 
    chage -M 9999 root
    

    chage -l root
    

    

    chage -M 9999 vcf
    

    chage -l vcf
  4. If the password for vcf and/or root has expired we are forced to change it. We cannot reuse any of the old 5 / 7 passwords for these accounts. Hence we should first reset password to 4-5 random passwords in between before we can reset the password to original value.
    To change password use: 
    passwd <username>
  5. If accidentally typed wrong password reset count via: 
    pam_tally2 -u vcf -r
    

    pam_tally2 -u root -r


Home > VMWare platform > vCloud Foundation > Disable password expiry on SDDC Manager

Retrieved from "http://www.sbarjatiya.com/notes_wiki/index.php?title=Disable_password_expiry_on_SDDC_Manager&oldid=7472"