I’ve recently installed vCenter server appliance (VCSA) to manage my lab environment running vSphere 5.5. It’s faster than instaling a vCenter under Windows and it’s the future. I was wondering how to change the default password policies in vSphere 5.5? The Default vCenter SSO configuration password policy is set to expire passwords in 90 days with last 5 passwords which cannot be reused. You also need to use complex passwords. You might want to change this default behavior as you probably do the same for Windows AD password policies as well. So How to change the default password policies in vSphere 5.5?
The biggest thing which retaining many people to deploy VCSA in production is probably a support for external SQL database. But this will be added, sooner or later. So why not test the deployment and management in a lab for the moment and familiarize with the administration?
How to change the default password policies in vSphere 5.5
It’s very easy to do that when you got the vSphere client up and running, go and navigate to:
Home > Administration > Single Sign-On >Configuration > Policy TAB > Password policies > Edit button
If you have added your Domain and using AD as an identity source like I did - VCSA 5.5 Installation and configuration – Part 2 - then you probably managing the password expire policy through your AD for your domain users and groups already.
VCSA Appliance Password Policy
The above was setting for password policy settings for vSphere environment. Concerning the VCSA appliance, there is also a local password policy which by default expire your password in 90 days too, so you might want to disable it or change it too… otherwise you might be suprised one day and won’t be able to login locally to administer your VCSA. The appliance offers easy way to check for updates and (or) upgrades, restart and configure different services etc.
Where to find local VCSA password policy?
01. connect to the VCSA appliance through https://<ip_of_the_appliance>:5480
02. Use default user/password (if you haven’t changed yet) root/vmware
03. Go to the Admin TAB and there you see the options… Note that you can also set an e-mail to be notified before the password expire.
Posts that you should check:
- vCenter Server 5.5 (VCSA) – Install/config - part 1
- VCSA 5.5 Installation and configuration – Part 2
- How-to backup and restore VCSA 5.5 internal database