VMware Cloud Community
zenking
Hot Shot
Hot Shot
‎03-09-2017 07:57 AM
Jump to solution

Local accounts in vCenter Server

I noticed a few accounts in my local vcenter users and groups. The names are:

waiter-long_random_string_here

krbtgt/vsphere.local

K/M

Are these some type of service accounts?

VMWare Environment: vSphere 7.0, EQ PS6210 SANs, Dell R730 Hosts, dedicated Dell switches w/ separate vlans for vmotion and iscsi.
Reply
0 Kudos
1 Solution

Accepted Solutions
vcallaway
Enthusiast
Enthusiast
‎03-09-2017 08:40 AM
Jump to solution

Yes they are.

From this link:https://www.experts-exchange.com/questions/28976745/odd-users-in-vsphere-local-domain.html

"These accounts are shell accounts for kerberos authentication, and it's completely normal to see them, if you go looking.

Do not modify them or delete them, unless advised by VMware Support.

see here

https://communities.vmware.com/thread/475678?start=0&tstart=0

View solution in original post

Reply
0 Kudos
4 Replies
vcallaway
Enthusiast
Enthusiast
‎03-09-2017 08:40 AM
Jump to solution

Yes they are.

From this link:https://www.experts-exchange.com/questions/28976745/odd-users-in-vsphere-local-domain.html

"These accounts are shell accounts for kerberos authentication, and it's completely normal to see them, if you go looking.

Do not modify them or delete them, unless advised by VMware Support.

see here

https://communities.vmware.com/thread/475678?start=0&tstart=0

Reply
0 Kudos
zenking
Hot Shot
Hot Shot
‎03-10-2017 07:54 AM
Jump to solution

Just adding some detail about the accounts I got from VMware. K/M is the Key Master, krbtgt is the admin and the waiter service is part of the scheduling.

VMWare Environment: vSphere 7.0, EQ PS6210 SANs, Dell R730 Hosts, dedicated Dell switches w/ separate vlans for vmotion and iscsi.
Reply
0 Kudos
Howiedog
Enthusiast
Enthusiast
‎08-03-2017 02:08 PM
Jump to solution

Can these accounts be "hidden".

So if the next admin to come in and take over.... isn't crystal clear on what these accounts are for, and deletes them...then what?? Tuff titties I guess? Redeploy.

Also this password complexity stuff is getting ridiculous. Moving from 5.1 to VCSA6.0 and now I am hit with having to change the password we have been using for years ibto somew cryptic bloody mess that No One will remember.

Tell how to TURN THIS OFF please??

Reply
0 Kudos
zenking
Hot Shot
Hot Shot
‎08-04-2017 05:32 AM
Jump to solution

Howie, I don't mean to sound unsympathetic, but it's a good idea to change admin passwords from time to time. Password crackers are getting more efficient, not less. You can use something like locknote for storing difficult passwords.

Steganos LockNote download | SourceForge.net

Yes, if the next admin comes in and deletes accounts without understanding what they are or making any attempt to find out, he'll most likely be rebuilding the server. Snapshots may be that admin's best friend.

VMWare Environment: vSphere 7.0, EQ PS6210 SANs, Dell R730 Hosts, dedicated Dell switches w/ separate vlans for vmotion and iscsi.
Reply
0 Kudos