VMware Cloud Foundation 4.5

5.2 5.1 5.0 4.5
Deutsch Français Italiano 日本語 English

Configure the Local User Password Complexity Policy for ESXi

Define the requirements for local user passwords for the ESXi hosts in
VMware Cloud Foundation
 including required password length, character class requirements, or allowing passphrases.
Setting
Default Value
Security.PasswordHistory
0
Security.PasswordQualityControl
retry=3 min=disabled,disabled,disabled,7,7
For information about the format of the
Security.PasswordQualityControl
 settings, see ESXi Passwords and Account Lockout in the
vSphere Security
 documentation.

UI Procedure

  1. Log in to the management domain vCenter Server at
    https://<management_vcenter_server_fqdn>/ui
     by using an account with
    Administrator
     privileges.
  2. In the
    Hosts and clusters
     inventory, expand the management domain vCenter Server tree and expand the management domain data center.
  3. Expand the management domain cluster.
  4. Select the first ESXi host and click the
    Configure
     tab.
  5. In the
    System
     section, click
    Advanced system settings
    .
  6. On the
    Advanced system settings
     page, click
    Edit
    .
  7. In the key filter text box, enter
    Security.PasswordHistory
    , configure the settings according to the requirements of your organization.
  8. In the key filter text box, enter
    Security.PasswordQualityControl
    , enter values for the settings according to the requirements of your organization, and click
    OK
    .
  9. Repeat this procedure on all remaining hosts in the cluster.
  10. Repeat this procedure on all remaining clusters in the management domain.
  11. Repeat this procedure for all VI workload domains and their clusters.

PowerShell Procedure

  1. Start Windows PowerShell.
  2. Replace the values in the sample code and run the commands in the PowerShell console.
    $sddcManagerFqdn = "sfo-vcf01.sfo.rainpole.io"
$sddcManagerUser = "administrator@vsphere.local"
$sddcManagerPass = "VMw@re1!"

$sddcDomainName = "sfo-m01"
$cluster = "sfo-m01-cl01"

$policy = "retry=3 min=disabled,disabled,disabled,7,7”
$history = "3"
  3. Perform the configuration by running the command in the PowerShell console.
    Update-EsxiPasswordComplexity -server $sddcManagerFqdn -user $sddcManagerUser -pass $sddcManagerPass -domain $sddcDomainName -cluster $cluster -policy $policy -history $history
  4. Repeat this procedure on all remaining clusters in the management domain.
  5. Repeat this procedure for all VI workload domains and their clusters.

Content feedback and comments