You can configure password rotation and account policies for VMware Skyline Health Diagnostics for vSphere.

You can customize Password and account lockout policies based on the requirements of your organizations. These settings are stored in the configuration file /opt/vmware-shd/vmware-shd/app/apiserver/vmware-shd.conf in the [account] section

Element

Description

Parameter

Default

Minimum

Maximum

Password History

Number of previous passwords to be remembered. If set, using one of the last 'histories' will be disallowed.

account/history

3

0

5

Maximum password age

Maximum age of a password in days after which UI authentication will fail with password expired error.

account/passage

90

1

No Limit

Log in Failure window

Time window in minutes to track the authentication failures.

account/failwindow

5

1

No Limit

Log in Failure Count

Number of successive failures tolerated before locking the account.

account/failcount

0

1

No Limit

Account Lockout duration

How long in minutes account stays locked.

account/locktime

15

1

No Limit

Caution:

You must restart the VMware Skyline Health Diagnostics for vSphere service for the new changes to be effective. Also changing the password history is not tracked if the settings are set 0.