VMware {code} Community
mpr4ul
Contributor
Contributor
‎10-17-2013 04:27 AM

Connection to vCenter/ESX with one time credentials even after changing password on server

Hi,

Is there any way we can connect to the vCenter/ESX from client with single time credentials, and that can connect to vCenter even after changing the password of vcenter user.

Here my requirement is to connect to vCenter periodically without asking the user to enter credentials every time even after changing password of user with one time credentials .

Thanks in advance.

0 Kudos
3 Replies
stumpr
Virtuoso
Virtuoso
‎10-18-2013 09:47 AM

You can use SSO, NTLM, etc....but those basically require passwords somewhere.  But with SSPI login (NTLM), you can log in using the current local user credentials on Windows (part of the current Perl SDK).

Otherwise, based on what you are asking you'd probably have to setup a simple web service that uses a service account, and then have that web service execute using that account credential set.  Not exactly secure unless you provide some method of authentication, and it could lead to elevation of privileges if your service is using an admin account.

You might be able to create a simple tool that uses one-time credentials to authenticate to your custom web service, then call vCenter with a service account.  But that service account credential set would probably have to be stored somewhere.

Reuben Stump | http://www.virtuin.com | @ReubenStump
mpr4ul
Contributor
Contributor
‎10-21-2013 06:58 AM

Stumpr, Thanks for reply,

How the vCenter will always connect to ESX even after changing password for ESX. What mechanism is using, I am thinking that some agent will sit on the ESX to communicate with vCenter.

0 Kudos
stumpr
Virtuoso
Virtuoso
‎10-21-2013 08:00 AM

That's right, there is an agent that is communicating between vCenter and ESXi that does that communication.

Reuben Stump | http://www.virtuin.com | @ReubenStump