How to disable the vCenter Server Appliance Password Expiration #VCSA


Jonathan Frappier Virtxpert

It seems over the past few weeks, a folks have started to get burned by the vCenter Server Appliance (VCSA) password expriation, and I suppose that about lines up with the release of vSphere 5.5 coming just about 90 days ago.  There are a few options you can take:

  1. Disable the password expiration
  2. Configure a notification email to ensure you are notified before it expires

I will review both here, and suggest you strongly consider number 2 as your option as maintaining passwords indefinitely is not a good practice.

Disable the VCSA Password Expiration

  • Log into the VCSA configuration UI at https://url_of_your_vcsa:5480
  • Click on the Admin tab
  • Select “No” for “Administrator password expires”

vcsa-password-expiration

 

Set VCSA Password Expiration Notice

The password expiration notice relies on the SMTP server configuration in vCenter, lets check that first.

  • Log into vCenter at https://url_of_your_vcsa:9443
  • Click on vCenter in the navigation menu, click on vCenter Servers
  • Click on the vCenter server you wish to configure SMTP settings for
  • Click on General, then click the Edit button
  • Click on Mail and enter the SMTP server IP or FQDN and “From” address

vcenter-smtp-settings

  • Now that your SMTP server details are set in vCenter, you can setup the VCSA to notify you of upcoming password expirations
  • Log into the VCSA configuration UI at https://url_of_your_vcsa:5480
  • Click on the Admin tab
  • Enter the email address in the Email for expiration warning field that you wish to receive these notifications

vcsa-password-email-notificationSummary

Disable, or not to disable – only your organizations security policies can tell you the right answer, but I’d suggest getting a warning and resetting it in line with your standard password expiration period.

 

How to disable the vCenter Server Appliance Password Expiration #VCSA