jeffj2000
Enthusiast
Enthusiast

How to find when an SSO user expires?

Jump to solution

Hi. The policy has been changed several times by others, and know its lost track when an SSO user expires. I cannot find any information on you can tell from the CLI when an SSO user will expire. We are v7.0U1. Thanks,,,

0 Kudos
2 Solutions

Accepted Solutions
Ajay1988
VMware Employee
VMware Employee

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.authentication.doc/GUID-4FBEA58E-94...
Try :  /usr/lib/vmware-vmafd/bin/dir-cli user find-by-name --account <user-name> --level 2

If you think your queries have been answered
Mark this response as "Correct" or "Helpful".

Regards,
AJ

View solution in original post

0 Kudos
Ajay1988
VMware Employee
VMware Employee

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.authentication.doc/GUID-4FBEA58E-94...
Try :    /usr/lib/vmware-vmafd/bin/dir-cli user find-by-name --account <user-name> --level 2

From LAB:       /usr/lib/vmware-vmafd/bin/dir-cli user find-by-name --account expire --level 2

Password expiry: 899 day(s) 23 hour(s) 59 minute(s) 44 second(s)

Please note password expiry is 900 days in my LAB

If you think your queries have been answered
Mark this response as "Correct" or "Helpful".

Regards,
AJ

View solution in original post

0 Kudos
4 Replies
Ajay1988
VMware Employee
VMware Employee

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.authentication.doc/GUID-4FBEA58E-94...
Try :  /usr/lib/vmware-vmafd/bin/dir-cli user find-by-name --account <user-name> --level 2

If you think your queries have been answered
Mark this response as "Correct" or "Helpful".

Regards,
AJ

View solution in original post

0 Kudos
Ajay1988
VMware Employee
VMware Employee

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.authentication.doc/GUID-4FBEA58E-94...
Try :    /usr/lib/vmware-vmafd/bin/dir-cli user find-by-name --account <user-name> --level 2

From LAB:       /usr/lib/vmware-vmafd/bin/dir-cli user find-by-name --account expire --level 2

Password expiry: 899 day(s) 23 hour(s) 59 minute(s) 44 second(s)

Please note password expiry is 900 days in my LAB

If you think your queries have been answered
Mark this response as "Correct" or "Helpful".

Regards,
AJ

View solution in original post

0 Kudos
jeffj2000
Enthusiast
Enthusiast

Hi. I am curious what version you are on? my administrator@vsphere.local always shows password never expires

 /usr/lib/vmware-vmafd/bin/dir-cli user find-by-name --account administrator --level 2

Enter password for administrator@vsphere.local: 

Account: administrator

UPN: Administrator@VSPHERE.LOCAL

Account disabled: FALSE

Account locked: FALSE

Password never expires: TRUE

Password expired: FALSE

Password expiry: N/A

 

And I my policy is 90d expiration. I even just changed it again. I am on v7.0U1c

 

Thanks,,,

0 Kudos
jeffj2000
Enthusiast
Enthusiast

Hi. I fixed this. Someone had the account to never expire and I changed it to use the policy. Thanks,,,

0 Kudos