• Password expiration was set for a local account by CLI command such as "set user admin password-expiration 9999" in past.
• Later, a local account password is updated by CLI command such as "set user admin password #####".
• The password expiration reverted to 90 days (default value).
• Both NSX Manager and Edge nodes can be affected.

# The password expiration was set to a value other than the default.

nsx-edge> get user admin password-expiration
Thu Aug 29 2024 UTC 06:36:22.665
Password expires 9999 days after last change <<------- 
 Current password will expire in 9973 days
User will receive warning messages 7 days before password expires.

# Change the password.

nsx-edge> set user admin password ######## old-password ########

# The password-expiration reverts to 90 days (default value)

nsx-edge> get user admin password-expiration
Thu Aug 29 2024 UTC 06:36:50.691
Password expires 90 days after last change <<------- 
 Current password will expire in 91 days
User will receive warning messages 7 days before password expires.

Only NSX 4.1.x is affected by this issue.

This issue is resolved in NSX 4.2.0 and later releases.

Change the password-expiration value again by admin CLI command for a temporary workaround until NSX can be upgraded to 4.2+
Refer to Manage Local User Accounts

This can also be avoided by changing the password using the following API with the password_change_frequency parameter:

PUT /api/v1/transport-nodes/{transport-node-id}/node/users/{userid}
PUT /api/v1/cluster/{cluster-node-id}/node/users/{userid}
PUT /api/v1/node/users/{userid}