Now that 5.5 has been out a while and many of you have been making the move to the VMware vCenter Virtual Appliance (a.k.a. VCSA), here’s a friendly reminder to check the password expiration of the root account on the virtual appliance! If you’ve been following my blogs, you’ll remember in Part 2 of the “Virtual Appliances getting more secure with vSphere 5.5” series, I HIGHLY recommended that you check root password expiration ASAP!
The VCSA root password is set to expire 90 days from deployment time. Go to Part 2 of the series to find out how to set your expiration to a longer date. Note that from the VAMI interface, you can supply an email address to notify 7 days prior to expiration of the password. Don’t miss updating this step! Log into the VAMI web interface via https://<vcsa FQDN or IP>:5480. Go to the Admin tab and update whether the password expires, for how long and what email address to notify. Make sure your SMTP configuration works correctly.
[Update] There has been a KB released on 10-Jan-2014 for those that may be locked out of their appliance or want to disable the forced lockout. I urge you to review KB2069041