The Backup solution account disconnected due to password expiry, as shown in SDDC manager password management page.
search cancel

The Backup solution account disconnected due to password expiry, as shown in SDDC manager password management page.

book

Article ID: 386100

calendar_today

Updated On:

Products

VMware SDDC Manager

Issue/Introduction

  • This article outlines the steps to mark the status to ACTIVE for a disconnected backup account in SDDC Manager Password Management.
  • The backup account was disconnected in SDDC Manager password management.
  • Resetting password expiry for SDDC Manager Backup user.


Environment

VMware Cloud Foundation

Cause

  • The user ID password is expired.
  • A mismatch between the password stored in SDDC database and the currently used 'backup' password.
  • The remediate and update options in SDDC UI will not work and will be unsuccessful.

Resolution

To resolve the conflict password between SDDC and the Backup server issue follow the below steps:
 

  1. Take SSH to SDDC Manager with vcf user and su to root.
  2. Get the password for the Backup solution accounts.
    a. Run the command lookup_passwords and enter the entity type as BACKUP.
    Note down the password for the 'backup' ID.

    Or
    b. Use API (SDDC Manager > Developed Centre > API Explorer > Credential > GET /v1/credentials > resourceType - BACKUP > Execute.
    Note down the password for the 'backup' ID.
     
  3. To check if the backup user password is expired use su to try change to the backup user:  su - backup
  4. If the password is expired you will get the following output:

 

             You can also use:

              # get user ID password-expiration

              # chage -l backup"

        

        Sample output:

        Last password change : Jan 12, 2024

        Password expires : Jan 12, 2025

        Password inactive : never

        Account expires : never

        Minimum number of days between password change : 0

        Maximum number of days between password change : 365

        Number of days of warning before password expires : 7

 

a. If password expiry is not set or above 9999 then set the password expiry with the below command
set user ID password-expiration <number of days> 

Sample:

  "# chage -I -1 -m 0 -M 99999 -E -1 backup"

b. Confirm the password expiry status
     "# chage -l backup"

          Sample output:
          Last password change : Jan 12, 2024
         Password expires : never
         Password inactive : never
         Account expires : never
         Minimum number of days between password change : 0
         Maximum number of days between password change : 99999
         Number of days of warning before password expires : 7

or alternatively you can set a specific expiry date:  chage -d 2025-05-15 backup  (NOTE: 2025-05-15 is just an example, you will need to set a date appropriate to your circumstances)

5. Set the 'backup' ID password to match with the password output from Step # 2
set user ID password
"# passwd backup"   (This action will be taken care of by the Backup server owner).

6. Remediate the same password in SDDC Manager.

Additional Information

Impact/Risks:

None- The steps provided are safe to run with no downtime on any of the components involved.

Powered by Wolken Software