You can manage the admin and audit user's account through an NSX-T appliance's CLI.

The admin user can manage the password and change the name of the admin and audit users, but cannot add, delete, or disable users. Any change to the admin or audit user's account will be audited.

The audit user has read privileges to the NSX-T environment and is not active by default. To activate it, log in as admin and run the set user audit password command and provide a new password. When prompted for the current password, press the Enter key.

By default, user passwords expire after 90 days. You can change or disable the password expiration for each user.

When the password of admin or audit on the NSX Manager will expire within 30 days, the NSX Manager web interface displays a password expiration notification. If you set the password expiration to 30 days or less the notification is always present. The notification includes a Change Password link. Click the link to change the user's password.

Prerequisites

Familiarize yourself with the password complexity requirements for NSX Manager and NSX Edge. See "NSX Manager Installation" and "NSX Edge Installation" in the NSX-T Data Center Installation Guide.

Procedure

  1. Log in to the appliance's CLI as admin.
  2. To change the password, run the set user <username> password command. For example:
    nsx> set user admin password
    Current password:
    New password:
    Confirm new password:
    nsx>
    
  3. To change the name of the admin or audit user, run the set user <username> username <new username> command. For example:
    nsx> set user admin username admin1
    nsx>
    
  4. To get the password expiration information, run the get user <username> password-expiration command. For example:
    nsx> get user admin password-expiration
    Password expires 90 days after last change
    nsx>
    
  5. To set the password expiration time in days, run the set user <username> password-expiration <number of days> command. For example:
    nsx> set user admin password-expiration 120
    nsx>
    
  6. To disable password expiration, run the clear user <username> password-expiration command. For example:
    nsx> clear user admin password-expiration
    nsx>