Extend the NSX-T default 90 days password-expiration policy

From Iwan
Jump to: navigation, search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

NSX-T has the default password policy that you need to change the "admin" password after 90 days. This can be annoying when you have a lab environment and need to change this every three months. In this article, I will show you how to extend the days your password is valid.

NSX–T Manager

You can set the policy to 9999 days with the following commands: 

NSX CLI (Manager, Policy, Controller 2.4.1.0.0.13716579). Press ? for command list or enter: help
ih-dc1-nsxm-01-2> get user admin password-expiration
Password expires 90 days after last change

ih-dc1-nsxm-01-2> set user admin password-expiration 9999
ih-dc1-nsxm-01-2> get user admin password-expiration
Password expires 9999 days after last change

ih-dc1-nsxm-01-2>

NSX–T Edge

When you change to extend the password-expiration on the NSX-T Manager this is NOT automatically pushed to the Edge (VM). So we also need to do this in the Edges. 

NSX CLI (Edge 2.4.1.0.0.13716583). Press ? for command list or enter: help
ih-dc1-edgen-02> get user admin password-expiration
Password expires 90 days after last change

ih-dc1-edgen-02> set user admin password-expiration 9999
ih-dc1-edgen-02> get user admin password-expiration
Password expires 9999 days after last change

ih-dc1-edgen-02>

I am always trying to improve the quality of my articles so if you see any errors, mistakes in this article or you have suggestions for improvement, please contact me and I will fix this.

Retrieved from "http://www.iwanhoogendoorn.nl/index.php?title=Extend_the_NSX-T_default_90_days_password-expiration_policy&oldid=5284"