The NSX-T cloud is configured with the admin credentials for the NSX-T manager.

Procedure

  1. From the Avi Load Balancer UI, navigate to Administration > User Credentials.
  2. Enter the Name.
  3. Select NSX-T as the Credentials Type.
  4. Enter the Username and Password.
  5. Click Save.
  6. To prevent password lockout in future, add the NSX Advanced Load Balancer Controller IP addresses (individual NSX Advanced Load Balancer Controller node IPs, NSX Advanced Load Balancer Controller Cluster IP and Controller VIP address) to the lockout_immune_addresses list, follow the procedure mentioned in Prevent Password Lockout on Local Manager Nodes.For more information about lockout periods, see Authentication Policy Settings.
    Caution:

    The account is locked in the following scenarios:

    - You did not include controllers in the lockout_immune_addresses list and you changed the password of NSX-T account used by the cloud connector, for example, due to password expiry. To avoid this, you can temporarily disable the lockout prior to changing the account password, even if the Controllers are not added to lockout_immune_addresses. See Step 7 for instructions on temporarily disabling account lockout.

    - After you changed the password, even if you promptly update the account password in NSX Advanced Load Balancer , the account may still be locked because the cloud connector might continue using the old password long enough to trigger the lockout process..

  7. To temporarily disable lockout prior to changing the account:
    1. Disable the default lock-out period. On the NSX Manager CLI, run set auth-policy api lockout-period 0.
    2. Change account password in NSX Manager.
    3. Change account password in NSX Advanced Load Balancer.
    4. Reset lockout-period period to earlier value. The default is 900 sec. Run set auth-policy api lockout-period 900.