VMware Cloud Foundation 5.2

5.2 5.1 5.0 4.5
Deutsch Français Italiano 日本語 English

Configure the Local User Password Expiration Policy for ESXi

Define the interval of time before the password of a local user on an ESXi host in
VMware Cloud Foundation
 expires and a change is enforced.
Setting
Default Value
Security.PasswordMaxDays
99999

Prerequisites

If you plan to reduce the expiration period of a local account's password, rotate the password of the account by using SDDC Manager. See Rotate Passwords.
The password expiration date is determined by adding the password expiration period to the date of the last password change. If the time since the last password change is greater than the new expiration period, the password expires immediately.

UI Procedure

  1. Log in to the vCenter Server instance for the workload domain at
    https://<vcenter_server-fqdn>/ui
     by using an account with
    Administrator
     privileges.
  2. In the
    Hosts and clusters
     inventory, navigate to and expand the first vSphere cluster.
  3. Select the first ESXi host and click the
    Configure
     tab.
  4. In the
    System
     section, click
    Advanced system settings
    .
  5. On the
    Advanced system settings
     page, click
    Edit
    .
  6. In the key filter text box, enter
    Security.PasswordMaxDays
    , enter a value for the setting according to the requirements of your organization, and click
    OK
    .
  7. Repeat this procedure on the remaining hosts in the cluster.
  8. Repeat this procedure on all remaining clusters in the workload domain.
  9. Repeat this procedure for all clusters in the remaining workload domains.

PowerShell Procedure

  1. Start PowerShell.
  2. Replace the values in the sample code and run the commands in the PowerShell console.
    $sddcManagerFqdn = "sfo-vcf01.sfo.rainpole.io"
$sddcManagerUser = "administrator@vsphere.local"
$sddcManagerPass = "VMw@re1!"

$sddcDomainName = "sfo-m01"
$cluster = "sfo-m01-cl01"

$maxDays = "99999"
  3. Perform the configuration by running the command in the PowerShell console.
    Update-EsxiPasswordExpiration -server $sddcManagerFqdn -user $sddcManagerUser -pass $sddcManagerPass -domain $sddcDomainName -cluster $cluster -maxDays $maxDays
  4. Repeat this procedure for all remaining clusters in the
    $sddcDomainName
     workload domain.
  5. Repeat this procedure for all clusters in the remaining workload domains.

Content feedback and comments