SOS Password check for ESX component for root account fails if lockdown mode is enabled.
Article ID: 313496
Updated On:
Products
VMware Cloud Foundation
Issue/Introduction
When user faces this issue, they can check the validity through SSH if enabled.
Symptoms:
When SOS tool is run for health check, password checks for ESX component for root account with lockdown mode enabled returns "Failed to get details", in console with RED alert, intermittently.
Symptoms:
When SOS tool is run for health check, password checks for ESX component for root account with lockdown mode enabled returns "Failed to get details", in console with RED alert, intermittently.
Environment
VMware Cloud Foundation 3.0.x
VMware Cloud Foundation 4.0.x
VMware Cloud Foundation 5.0
VMware Cloud Foundation 4.0.x
VMware Cloud Foundation 5.0
Cause
The case was not handled in code where lockdown mode enabled for root account, once bringup is done. The check was based on service accounts.
Resolution
The issue has been fixed in VMware Cloud Foundation 5.0.0.1 release.
Workaround:
Disable the lockdown for the particular host whose root account is in lockdown through Vsphere client.
Select Host under SDDC Datacenter --> Configure --> System --> Security Profile and disable lockdown mode.
Check the password expiry of root through SOS utility password health check.
Workaround:
Disable the lockdown for the particular host whose root account is in lockdown through Vsphere client.
Select Host under SDDC Datacenter --> Configure --> System --> Security Profile and disable lockdown mode.
Check the password expiry of root through SOS utility password health check.
Feedback
Yes
No
Powered by
