SSO User Management–Account Policies

Procedure

1. Browse to Administration > Sign-On and Discovery > Configuration in the vSphere Web Client.

2. Click the Policies tab and select Password Policies.

3. Click Edit.

SNAGHTMLb3fcd09

If the administrator password for the Single Sign On system expires and you are unable to log in to the vSphere Web Client, a user with Single Sign On administrator privileges must reset it or you have to reset password from command line.

Reset vCenter SSO Password

1. Open a command prompt and navigate to C:\Program Files\VMware\Infrastructure\SSOServer\ssolscli

2. Run the following command

ssopass username

3. Enter the current password for the user, even if it has expired.

4. Enter the new password and enter it again for confirmation.

Lockout Policy Basics and Configuration parameters

SNAGHTMLb594fb0

 

Security Best Practice: You cannot rename admin@system-domain user, instead it is recommended to create equivalent user with same privileges as admin user and disable admin user. It is also recommended to change the password and account lockout policy to same as your active directory domain

 

 

Advertisements

2 thoughts on “SSO User Management–Account Policies

  1. There is one other major flaw with the Installation process. If you choose Simple install you bypass the option to pick a HA/Multi Site install. This may seem OK but once you have installed using this method you cannot configure Linked Mode as this is not possible on a Basic Install.
    The VMware fix is to uninstall all vCenter and products from the vCenter server and reinstall manually (Not Simple Install)

    The thing that makes this ridiculous is when you follow this method there is only 2 extra screens to choose from. So this means Simple install has saved 2 screen options to go through but created a massive headache to fix for those who missed this on Upgrades/Installs.

    All i can say is what a joke.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s