The purpose of this KB is to address the issue with Edge Node Settings Mismatch error in NSX-T UI

NSX-T Manager alarm: " Edge Node Setting Mismatch"

Edge Node Settings Mismatch error. CLI configuration : {"Enable SSH":true}, intent configuration :{"Enable SSH":false} Under get services, customer sees the following configuration under ssh: Service name: ssh Service state: stopped Start on boot: False Root login: enabled

VMware Cloud Foundation 4.5

SSH service is getting enabled every day due to a cron job that runs daily at 1 AM to refresh the notification about the expiration of all the accounts in the SDDC manager UI and While fetching these details, particularly for nsxt manager, the ssh is enabled temporarily.

The issue is fixed in 4.5.1, 5.0

Workaround:

Check sddc manager operationsmanager.log sand confirm you see the cron job triggered

Run this cron job weekly and then disable the ssh after cron job run, once a week

Note: Running the cron job weekly won't refresh the details for a week if the expiration policy is changed for any product meanwhile and no password operation is performed through sddc manager in that timeframe.

Following are the steps to run the job at 1 AM every Monday :

• echo "credentials.expiry.cache.refresh.interval=0 0 1 ? * MON" >> /etc/vmware/vcf/operationsmanager/application-prod.properties
• systemctl restart operationsmanager