VMware Cloud Community
jeffj2000
Enthusiast
Enthusiast
‎12-30-2020 01:33 PM
Jump to solution

How to find when an SSO user expires?

Hi. The policy has been changed several times by others, and know its lost track when an SSO user expires. I cannot find any information on you can tell from the CLI when an SSO user will expire. We are v7.0U1. Thanks,,,

0 Kudos
2 Solutions

Accepted Solutions
Ajay1988
Expert
Expert
‎01-01-2021 02:06 AM
Jump to solution

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.authentication.doc/GUID-4FBEA58E-94...
Try :  /usr/lib/vmware-vmafd/bin/dir-cli user find-by-name --account <user-name> --level 2

If you think your queries have been answered
Mark this response as "Correct" or "Helpful".

Regards,
AJ

View solution in original post

Ajay1988
Expert
Expert
‎01-01-2021 02:14 AM
Jump to solution

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.authentication.doc/GUID-4FBEA58E-94...
Try :    /usr/lib/vmware-vmafd/bin/dir-cli user find-by-name --account <user-name> --level 2

From LAB:       /usr/lib/vmware-vmafd/bin/dir-cli user find-by-name --account expire --level 2

Password expiry: 899 day(s) 23 hour(s) 59 minute(s) 44 second(s)

Please note password expiry is 900 days in my LAB

If you think your queries have been answered
Mark this response as "Correct" or "Helpful".

Regards,
AJ

View solution in original post

5 Replies
Ajay1988
Expert
Expert
‎01-01-2021 02:06 AM
Jump to solution

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.authentication.doc/GUID-4FBEA58E-94...
Try :  /usr/lib/vmware-vmafd/bin/dir-cli user find-by-name --account <user-name> --level 2

If you think your queries have been answered
Mark this response as "Correct" or "Helpful".

Regards,
AJ
Ajay1988
Expert
Expert
‎01-01-2021 02:14 AM
Jump to solution

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.authentication.doc/GUID-4FBEA58E-94...
Try :    /usr/lib/vmware-vmafd/bin/dir-cli user find-by-name --account <user-name> --level 2

From LAB:       /usr/lib/vmware-vmafd/bin/dir-cli user find-by-name --account expire --level 2

Password expiry: 899 day(s) 23 hour(s) 59 minute(s) 44 second(s)

Please note password expiry is 900 days in my LAB

If you think your queries have been answered
Mark this response as "Correct" or "Helpful".

Regards,
AJ
jeffj2000
Enthusiast
Enthusiast
‎01-01-2021 07:38 AM
Jump to solution

Hi. I am curious what version you are on? my administrator@vsphere.local always shows password never expires

 /usr/lib/vmware-vmafd/bin/dir-cli user find-by-name --account administrator --level 2

Enter password for administrator@vsphere.local: 

Account: administrator

UPN: Administrator@VSPHERE.LOCAL

Account disabled: FALSE

Account locked: FALSE

Password never expires: TRUE

Password expired: FALSE

Password expiry: N/A

 

And I my policy is 90d expiration. I even just changed it again. I am on v7.0U1c

 

Thanks,,,

0 Kudos
jeffj2000
Enthusiast
Enthusiast
‎01-01-2021 07:55 AM
Jump to solution

Hi. I fixed this. Someone had the account to never expire and I changed it to use the policy. Thanks,,,

0 Kudos
shubhanshuv
Contributor
Contributor
‎11-29-2023 01:25 AM
Jump to solution

This is for one user and we have to check manually .How can we check for multiple users.

is there any PowerShell script to derive list of vcenter users with their expiry date and time.