To enhance security, it is recommended to periodically change passwords for both logical and physical accounts across all racks in your system. This generates new passwords with random values for the selected accounts. You have the option to rotate passwords manually or automatically through SDDC Manager for managed accounts. vCenter Server, by default, has automatic password rotation enabled.
In this article, we will see how to rotate the passwords and retrieve the auto-rotated password.
Log in to SDDC Manager and go to Password Manager
You can select the user which you want to rotate, select the user and click on either of the rotate or you can select all the users and rotate at once. If you don’t want a randomly generated string as a password, you can click “UPDATE” and give your own password.
Once you click “Rotate Now” SDDC Manager will display a confirmation dialog as shown below. Once you click the “Rotate” you will be able to see the task
It should just take a few seconds and the passwords will be rotated.
You can schedule the password rotation for every 30, 60, or 90 Days.
Let’s retrieve the password
You will need to log in to SDDC Manager via ssh using the vcf user account.
// Switch to root su
In my lab, I rotated NSX-T Manager passwords, so I am retrieving the same. (Command: lookup_passwords)
lookup_passwords Password lookup operation requires ADMIN user credentials. Please refer VMware Cloud Foundation Administration Guide for setting up ADMIN user. Supported entity types: ESXI VCENTER PSC NSX_MANAGER NSX_CONTROLLER NSXT_MANAGER NSXT_EDGE VRSLCM VRLI VROPS VRA WSA BACKUP VXRAIL_MANAGER AD Enter an entity type from above list: NSXT_MANAGER Enter page number (optional): Enter page size (optional, default=50): Enter Username: [email protected] Enter Password:
Please note the username requested is your [email protected] and the password.
If you want to deploy a test lab for VCF, here’s are 4 Simple steps to Auto deploy VCF 4.5 with Nested ESXI
Hope this helps!
VMware documentation about password rotation