I have upgrade vcf 3.10.2.2 to 3.11.0.0 after upgrading SDDC showing me error on precheck
multiple component showing the password expiry error, while checking the appliance password expiry was set to never.
Password expiry for VC, PSC, VRLCM, Vrops
Could you post a screenshot of the pre-check failing with errors? Also, this occurs due to two things,
1. Either the passwords are expired and need to be updated using the SDDC Manager for the components
2. The password expiry option should NOT be set to Never Expire, At the max it should be set to 365 days according to the pre-check in SDDC Manager.
Hope this helps.
Pradeep Adapa
When completing an upgrade precheck in SDDC-Manager the NSX-T password validity check fails:
Impact - HIgh: Password has expired and upgrade will fail due to this.
You will see the following in the /var/log/vmware/vcf/lcm/lcm-debug.log:
2021-06-17T19:10:20.089+0000 DEBUG [vcf_lcm,0000000000000000,0000,precheckId=af8ce3f0-615b-4387-919c-f123e797d4a5,resourceType=NSX_T,resourceId=nsx.corp.local] [c.v.e.s.l.p.c.u.VmwPrimitiveUtils,pool-3-thread-48] Password validation status for API credential type of resource: nsx.corp.local is VALID
2021-06-17T19:10:20.090+0000 DEBUG [vcf_lcm,0000000000000000,0000,precheckId=af8ce3f0-615b-4387-919c-f123e797d4a5,resourceType=NSX_T,resourceId=nsx.corp.local] [c.v.e.s.l.p.util.PrimitiveHelper,pool-3-thread-48] Password validation for API credential type of resource: nsx.corp.local is VALID
2021-06-17T19:10:20.090+0000 DEBUG [vcf_lcm,0000000000000000,0000,precheckId=af8ce3f0-615b-4387-919c-f123e797d4a5,resourceType=NSX_T,resourceId=nsx.corp.local] [c.v.e.s.l.p.c.u.VmwPrimitiveUtils,pool-3-thread-48] Password validationexpiry data for API credential type of resource: nsx.corp.local is SUCCEEDED
2021-06-17T19:10:20.090+0000 DEBUG [vcf_lcm,0000000000000000,0000,precheckId=af8ce3f0-615b-4387-919c-f123e797d4a5,resourceType=NSX_T,resourceId=nsx.corp.local] [c.v.e.s.l.p.c.u.VmwPrimitiveUtils,pool-3-thread-48] Password validationexpiry for API credential type of resource: nsx.corp.local is in -22 days
2021-06-17T19:10:20.090+0000 INFO [vcf_lcm,0000000000000000,0000,precheckId=af8ce3f0-615b-4387-919c-f123e797d4a5,resourceType=NSX_T,resourceId=nsx.corp.local] [c.v.e.s.l.p.i.nsxt.NsxtPrimitiveImpl,pool-3-thread-48] Completed precheck task NSX_T_PASSWORD_VALIDITY_CHECK on resource id nsx.corp.local with status RED MyTHDHR Schedule
You need to Set password expiry for root and admin to 9999:
1. SSH to NSX-T VIP with admin credentials
2. Check password expiry for both root and admin accounts
getuser admin password-expiration
3. If the password has expired or is set to 99999 use the following command to set password expiryto 9999
set user admin password-expiration 9999
Hope This Helps...
Thanks.
4. Retry upgrade precheck in SDDC-Manager
With VMware Cloud Foundation password management of SDDC components is handed off to the SDDC manager. The SDDC manager can rotate the passwords for VMware components such as ESXi, Virtual Centre and NSX-T. A very useful feature and a great way. of keeping admin and root accounts secure in the infrastructure. So what happens when the rotation is perhaps missed and the NSX-T passwords expire?
Even if the password expires, you can still Rotate the password of that Component (Like VROPS, NSX-V, NSX-T etc.), That is the beauty in VCF.
just checked My password has Expired. I have updated it with a New one, RIght now, it’s working Fine. Thanks To you. PayByPlateMa com Online Toll Bills