Some services accounts on the SDDC manager will always show the status as "--", no matter when the password rotation or remediation is successful.
This could lead to confusion as to if the password rotation is complete or not.
VCF 4.x VCF 5.x
Service users on VCF usually have the tag, [email protected]. Some of these services users are created and used by SDDC manager for its own workflows. Such as password validation, prechecks etc.
Some services users are created in the same format with svc-username but would be created with VC's SSO domain and it can be seen on the vCenter's user list as well. These service users are created by the respective component that requires interaction with the vCenter.
Example of such users are:[email protected], [email protected].
Note: The username naming convention would vary on the infra.
These above users are created by NSX and VXRAIL manager respectively for its own workflow with the vCenter. Hence these passwords are not stored in the SDDC manager's database inventory. Hence their status on the SDDC manager shows up as "--".
However, since SDDC manager provides password management, it facilitates the rotation options to perform auto rotation or manual password remediation.
If the passwords for these accounts are rotated or remediated, the log would indicate APIs updating on both the vCenter and the respective end point component.
This is an expected behavior for service users created for another component workflow, there are no operational impacts due to the status being shown.
Customer to set up a password rotation for these users from the SDDC manager to perform user management from a single on SDDC manager.