VMware Networking Community
impranayk
Enthusiast
Enthusiast
‎02-24-2021 05:00 AM

NSX-V : How can we check password complexity of NSX Manager and Edge in NSX-V?

For the audit purpose, I need to check password complexity of NSX Manager and Edge in NSX-V. I am not getting command in CLI to check these configurations.

-------------------------------------------------------------------------
Follow me @ www.vmwareinsight.com
Please consider marking this answer "correct" or "helpful" if you found it useful

Pranay Jha | Blog: http://vmwareinsight.com
vExpert 2016/2017, VCAP5-DCD/DCA, VCP5-DCV, VCA-Cloud, VCE-CIA, MCSE, MCITP
0 Kudos
1 Reply
Sreec
VMware Employee
VMware Employee
‎02-24-2021 11:06 PM

Edge deployment is not possible unless the below criteria are met while entering a password. 

Enter a password that is at least 12 characters and it must satisfy these rules:

  • Must not exceed 255 characters
  • At least one uppercase letter and one lowercase letter
  • At least one number
  • At least one special character
  • Must not contain the user name as a substring
  • Must not consecutively repeat a character 3 or more times.

For NSX-V Manager recommendation is to change the password as per organization policy which is documented in NSX-V security guides because admin password never expires. 

I'm unaware of any CLI command for this. However, the password complexity is already met during the deployment for edges  I'm curious to know why you want a CLI validation? , Random login to few edges should let you pass the security audit. Logging to few edges might be feasible, however, I have seen platforms with 500+ edges so it's a tedious process, advice is to secure the SSH session and if needed rotate the edge passwords.

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
0 Kudos