NSX-T user accounts created on an ESXi host when NSX-T VIBs are installed
search cancel

NSX-T user accounts created on an ESXi host when NSX-T VIBs are installed

book

Article ID: 324186

calendar_today

Updated On:

Products

VMware NSX Networking

Issue/Introduction

The following list of users are automatically created on an ESXi host when NSX-T VIBs are installed and therefore prepared as a transport node:
  • nsx-user: This user is used for nsx-opsagent to invoke VIM API calls to the hostd agent on the ESX specifically for Layer 2 configuration (create / update of hostswitch configuration, port configuration, etc). NSX logs may refer to this user in logs as nsxuser, please note it is referring to this user. 
  • da-user: This user is used to collect inventory of ESX (VMs, NICs, etc).
  • mux-user: This user is used for reading/writing into namespace db. For that purpose permission to Host.Local.ReconfigVM is provided for the user.

The password generation for all these users is as per the password policy required by ESX:
A valid password should be a mix of upper and lower case letters, digits, and other characters. The password can include characters from 4 character classes (upper case, lower case, digits, special chars). And the password length should be 40 characters.

The password is generated based on the above guidelines during user creation when the corresponding agent starts up and is never stored anywhere.
There isn't an option today to manually manage these passwords.

Environment

VMware NSX-T Data Center