When an error occurs, for example after a password expires, you must reset the password in the component. After you reset the password, you must remediate the password. Password remediation updates the new password in the SDDC Manager database and the dependent Cloud Foundation workflows.

To resolve any errors that might have occurred during password rotation or updation, you must use password remediation. Password remediation manually syncs the password of the component account stored in the SDDC Manager with the updated password in the component.

For USER and SYSTEM account types, you must manually enter the password set in the component. The SDDC Manager updates the stored password with the new password.

For the SERVICE account type, you must manually enter the password set in the component. The SDDC Manager updates the service account password with the new password. After password remediation, the password is rotated to a new password.

Note: You can remediate password for only one account at a time.

Although the individual VMware Cloud Foundation components support different password requirements, you must set passwords following a common set of requirements across all components. For information on updating passwords manually, see Manually Update Passwords.


  • Verify that there are no currently failed workflows in your VMware Cloud Foundation system. To check for failed workflows, click Dashboard in the navigation pane and expand the Tasks pane at the bottom of the page.
  • Verify that no active workflows are running or are scheduled to run during the manual password remediate.
  • Only a user with the ADMIN role can perform this task. For more information about roles, see User and Group Management.


  1. From the navigation pane, select Administration > Security > Password Management.
    The Password Management page displays a table with detailed information about all domains, including their component, credential type, FQDN, IP address, and user name. This table is dynamic. Each column can be sorted.
    You can click the filter icon next to the table header and filter the results by a string value. For example, click this icon next to User Name and enter admin to display only domains with that user name value.
  2. Select the domain entity whose password you want to remediate, and click Remediate at the top of the page.
    Note: If you select more than one account, the Remediate button is disabled.
    The Remediate Password dialog box appears. This dialog box also displays the entity name, account type, credential type, and user name, in case you must confirm you have selected the correct account.
  3. Enter and confirm the new password set at the component.
    If the passwords do not match, the dialog box displays a red alert.
  4. Click Remediate.
    A message appears at the top of the page showing the progress of the operation. The Task panel also shows detailed status of the password remediation operation. To view subtasks, you can click the task name.
    If the Task panel shows the task as having failed, click Retry.


Password remediation is complete when all sub-tasks are completed successfully.