SDDC manager falsely shows the password for NSX-T component as expired
search cancel

SDDC manager falsely shows the password for NSX-T component as expired

book

Article ID: 318236

calendar_today

Updated On:

Products

VMware Cloud Foundation

Issue/Introduction

Symptoms:
  • SDDC manager falsely shows the passwords of NSX-T components as expired during precheck/upgrade.
  • Log file /var/log/vmware/vcf/lcm/lcm-debug.log will show following entries :
2021-04-09T13:41:44.830+0000 INFO  [vcf_lcm,0000000000000000,0000,precheckId=e8ef23bd-5e65-44c6-80b0-25e8fb993243,resourceType=NSX_T,resourceId=nsx.test.local] [c.v.e.s.l.p.i.nsxt.NsxtPrimitiveImpl,pool-3-thread-49] Completed precheck task NSX_T_PASSWORD_VALIDITY_CHECK  on resource id nsx.test.local with status RED
  • Executing the command "get user admin password-expiration" on NSX-T Manager will show as  "Password expiration not configured for this user"
nsx_password_expiration.jpg


Environment

VMware Cloud Foundation 4.2

Cause

This issue is caused if password expiry is disabled for NSX-T component, the precheck will falsely show the password as expired.

Resolution

This issue is resolved in VMware Cloud Foundation 4.3

Workaround:
To workaround this issue, set the password expiry to 9999 or a lesser number by using the command "set user admin password-expiration 9999" before performing precheck/upgrade and if required can be changed back to never expire after precheck/upgrade is completed.

Note: Similar error will be shown if the password is already expired or is set to an unsupported value, please refer KB NSX-T Password Validity Check Fails When Completing an Upgrade Precheck in SDDC-Manager for more information.

Powered by Wolken Software