[VMC on AWS] VMC SDDC vCenter Server shows inaccurate password expiry banner notification for Active Directory users
book
Article ID: 329603
calendar_today
Updated On:
Products
VMware Cloud on AWS
Issue/Introduction
Symptoms:
Inaccurate password expiry banner notification is displayed for Active Directory users in the vCenter HTML5 Client
Cause
This can occur if Password Settings Object (PSO) is applied, in this case the password lifetime is fetched from the attribute PasswordSettingsAttributeMaximumPwdAge otherwise its fetched from DomainAttributeMaxPwdAge.
Also :
vCenter is using the default GPO to determine the Password expiration to display the notification instead. AD password expiry notification uses incorrect date for calculation.
Microsoft Dynamic Access Control is used to set individual password expiration.
Resolution
This is a known issue affecting VMware Cloud on AWS and currently there is no resolution.
Workaround: Please use Native Active Directory password expiration policy's for user account notifications.