In NSX-T Data Center 3.1, NSX-T has two built-in local user accounts; admin and audit. Starting in NSX-T 3.1.1, two additional local guest user accounts (called guestuser1 and guestuser2) are also available.
In NSX-T 3.1, to administer to the NSX-T environment, you must log in as admin.
Starting in NSX-T 3.1.1, to administer the NSX-T environment, you can log in as admin or one of the guest users if it is activated and granted an admistrative role.
The admin account is activated after installation. The other accounts require activation.
Starting with
NSX-T Data Center 3.1.1:
- There are two new user accounts named guestuser1, and guestuser2. In the NSX Cloud environment, the two new user accounts are cloud_admin and cloud_audit.
- By default, the two new user accounts are not activated. The audit, guestuser1, and guestuser2 accounts have the Auditor role. The cloud_admin and cloud_audit accounts have the Cloud Admin and Cloud Operator roles, respectively. You can change their role assignments.
An NSX-T appliance also has the
root user account. Note the following about the root user account:
- You cannot log in to the NSX Manager UI as root and you cannot manage this account through the NSX Manager UI.
- The root user can log in to an NSX-T appliance through the CLI, but cannot use the NSX CLI commands.
- The root user account cannot be renamed, deactivated, or deleted.
- The root user has special privileges. Only log in to an NSX-T appliance as root and make changes that are documented in this guide (for example, changing the appliance password), except when under the guidance of VMware. Changes made by the root user can cause catastrophic failures. In a production environment, the root password should be secured and made available for privileged access only.
For additional security-related information about the NSX Manager, see the section "Security" in NSX Manager.