Are you looking for details about ‘managing password expiration settings in VMWare vSphere? When you install the vCenter Server Appliance, the password lifetime for root user is set to 365 days (vCenter 6.5 or earlier) or 90 days (vSphere 6.7).
My root user password expired in vCenter
Hello, I can no longer access a vCenter service appliance that I own. The password, I believe, expired in December. Since I'm new to vCenter, I thought that I would be asked to change my password and that I would still be able to use my old one. Is it possible for an expired password to fully lock you out?
This vCenter root password expired issue may arise with the following symptoms:
Why does it occur? The main reason is the default password policy, which is defined to expire after 90 days. In order to avoid root password expired, you can change the root password using SSH client or disable root user password expired for vCenter over the GUI.
I will introduce the detailed steps to solve the issue of vCenter root password expired in the following article.
By default, the SSO policy is applied for vSphere local users. It requires a user password to be changed every 90 days. You can reset the root password and change password expiration settings from the vCenter Server Management Interface.
If you can’t log into the web console, you could still log into the appliance via SSH. Then invoke the shell command, and reset the root password with the passwd command. To do it, connect to your vCSA host using the SSH client.
1. Enable the SSH access to vCSA in the Access >> SSH login >> Enabled section of the Appliance Management (https://your_vcenter_name:5480/ui/access).
2. Open your Putty SSH session and log in as root. Type shell and run this passwd command to vCenter change the root password expired.
If you can log into vCenter now, you can then disable root password expiration by editing password policy to make it never expire.
To check your password policy in vCenter, you can go to the Administration section and see the values in the “Password expiration settings” section. As you can see on the Password Policy tab, the following requirements are applied to the passwords of all local vCSA users:
And by editing the policy, you can then disable root password expiration again.
How to change the settings of password expiration policy:
If you do not want the root user password to expire in vCenter, you can disable password expiration policy by following these steps.
1. Connect to the Port 5480 of your appliance and sign in as root.
2. Go to the menu Administrator of your appliance.
3. In the Password expiration settings section, click Edit and select the password expiration policy.
4. In the opened wizard, select No to disable vCenter root password expiration.
5. Click Save to apply the new password expiration settings. Now the password of the root user never expires.
When installing patches or upgrades, do not forget to backup VCSA. Having a proper backup can save you especially if you're in a production environment. For better protection, virtual machine backup is also necessary to prevent your VMs from malware attack and data loss.
96% of businesses experienced at least one of the major causes of data loss: human errors, hard drive failures, outages, fire and natural disasters, so a professional VM backup tool is necessary that offers better data protection for organizations. If you are searching for the premier backup solution for your enterprise, you will not find a better option than AOMEI Cyber Backup paired with your organization.
Here I want to introduce a professional VMware backup software – AOMEI Cyber Backup which performs automated backups for virtual machines and supports various versions including ESXi 6.0-7.0. You are able to backup your multiple virtual machines with its flexible strategies.
With AOMEI Cyber Backup, you can enjoy these features easily.
✦ Auto VM Backup: schedule VMware or Hyper-V virtual machine backups in batch without human errors and perform hot backup to keep business continuity. ✦ Flexible vSphere Backup: batch backup large numbers of VMs managed by vCenter Server, or multiple VMs on a standalone ESXi host. ✦ Multiple Storage Destinations: backup to a local drive, or network destinations like NAS. ✦ Cloud Storage: easily archive backup versions to Amazon S3 for a better data storage solution. ✦ Retention Policy: delete unwanted or expired backups automatically, saving storage costs.
Hit the button below to download AOMEI Cyber Backup 30-day free trial.
1. Bind Devices: Access to AOMEI Cyber Backup web client, navigate to Source Device > VMware > + Add VMware Device to Add vCenter or Standalone ESXi host. And then click … > Bind Device.
2. Create Backup Task: Navigate to Backup Task > + Create New Task, and select VMware ESXi Backup as the Backup Type.
3. Set Task Name, Device, Target, Schedule, and Cleanup as needed.
4. Run Backup: Click Start Backup and select Add the schedule and start backup now, or Add the schedule only.
5. Restore: Click Restore to restore virtual machine from backup, saving the trouble of re-configuring a new one.
▶ Select a VM backup and click Restore to original/new location. It allows you to restore the entire VMware virtual machine to the original or another host easily and quickly.
When you deploy vCenter Server, you set the initial password of the root user, which expires after 90 days by default. If you want to disable vCenter root password expiration, this feature can be deactivated by performing the steps in this article. You can change the root password and the password expiration settings from the vCenter Server Management Interface.