NSX audit user on a transport node is unable to login or change password

Article ID: 407529


Products

VMware NSX

Issue/Introduction

  • You are unable to log in as the audit user on a transport node. You may see an error similar to the following:

    Permission denied, please try again.

  • You are unable to change the password for the audit user account on a transport node. There is no option to do this in the NSX UI.

Environment

  • VMware NSX 4.1 and higher

Cause

The audit user account is not enabled on the transport node.

Resolution

Use the following steps to activate the audit user on the transport node and reset the password:

Note: The following steps must be run by a user with admin privileges.

  1. Issue an API call similar to the following to get the list of transport nodes:

    GET 'https://<NSX Manager IP or FQDN>/api/v1/transport-nodes'

    Note: You will see output similar to the following:

    {
        "results": [
            {
                "node_id": "5bbde016-####-####-####-e4434bc847b4",
                ...
                    "id": "5bbde016-####-####-####-e4434bc847b4",
                    "display_name": "hostname",
                    "tags": [],
                    "_revision": 59

    Note: Make a note of the node_id value corresponding to the transport node in question, as identified by the display_name value. In this example, the node_id value is 5bbde016-####-####-####-e4434bc847b4 and the display_name is hostname.

  2. Issue an API call similar to the following to get the details for the audit user on the transport node in question:

    GET 'https://<NSX Manager IP or FQDN>/api/v1/transport-nodes/<node_id>/node/users/10002'

    Note: Replace <node_id> with the value observed in Step 1. 10002 will always be the id for the audit user.
    Note: You will see output similar to the following:

    {
        "_self": {
            "href": "/transport-nodes/5bbde016-####-####-####-e4434bc847b4/node/users/10002",
            "rel": "self"
        },
        "full_name": "",
        "last_password_change": 332,
        "password_change_frequency": 90,
        "password_change_warning": 7,
        "password_reset_required": false,
        "status": "NOT_ACTIVATED",
        "userid": 10002,
        "username": "audit"
    }

    Note: If the status value is "NOT_ACTIVATED", proceed to Step 3. If it is "ACTIVE", skip Step 3 and proceed to Step 4.

  3. If the audit user is not active, issue an API call similar to the following to activate the audit user and reset the password:

    PUT 'https://<NSX Manager IP or FQDN>/api/v1/transport-nodes/<node_id>/node/users/10002'

    Note: The JSON request body for this PUT request should look similar to the following:

    {
    "old_password": "",
    "password": "<new password>"
    }

    Note: Replace <new password> with the desired password for the audit user.
    Note: You will see output similar to the following:

    {
        "_self": {
            "href": "/transport-nodes/5bbde016-####-####-####-e4434bc847b4/node/users/10002",
            "rel": "self"
        },
        "full_name": "",
        "last_password_change": 0,
        "password_change_frequency": 90,
        "password_change_warning": 7,
        "password_reset_required": false,
        "status": "ACTIVE",
        "userid": 10002,
        "username": "audit"
    }

     

  4. If the audit user is active but the password needs to be reset by an admin user, issue an API call similar to the following:

    POST 'https://<NSX Manager IP or FQDN>/api/v1/transport-nodes/<node_id>/node/users/10002?action=reset_password'

    Note: The JSON request body for this POST request should look similar to the following:

    {
    "password": "<new password>"
    }


    Note: Replace <new password> with the desired password for the audit user.
    Note: You should receive an HTTP 200 response code if this is successful.
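
The decision logic of Steps 1 through 4 as an added Python example (not part of the original article or of VMware's tooling): it selects the node_id by display_name and chooses the PUT or POST call from the status value. The sample responses, the host name nsx.example.test and all function names are constructed for illustration; sending the request with admin credentials is left to your HTTP client.

```python
import json
from urllib.parse import quote

AUDIT_USER_ID = 10002  # per the article, always the id of the audit user

# Constructed sample responses shaped like the Step 1 and Step 2 output above.
SAMPLE_NODES = json.loads("""{"results": [
  {"node_id": "11111111-aaaa-bbbb-cccc-000000000001", "display_name": "esx-01"},
  {"node_id": "11111111-aaaa-bbbb-cccc-000000000002", "display_name": "esx-02"}]}""")
SAMPLE_USER = {"status": "NOT_ACTIVATED", "userid": 10002, "username": "audit"}


def find_node_id(nodes, display_name):
    """Step 1: return the node_id whose display_name matches exactly once."""
    matches = [n["node_id"] for n in nodes.get("results", [])
               if n.get("display_name") == display_name]
    if len(matches) != 1:
        # Zero or duplicate names: refuse to guess which node gets a new password.
        raise LookupError(f"{len(matches)} transport nodes named {display_name!r}")
    return matches[0]


def user_url(manager, node_id):
    """Step 2 URL: the audit user on one transport node."""
    return (f"https://{manager}/api/v1/transport-nodes/"
            f"{quote(node_id, safe='')}/node/users/{AUDIT_USER_ID}")


def plan_password_call(manager, node_id, user, new_password):
    """Steps 3 and 4: choose the call from the status returned in Step 2."""
    if user.get("userid") != AUDIT_USER_ID or user.get("username") != "audit":
        raise ValueError("response is not for the audit user")
    url = user_url(manager, node_id)
    status = user.get("status")
    if status == "NOT_ACTIVATED":  # Step 3: activate and set the password
        return "PUT", url, {"old_password": "", "password": new_password}
    if status == "ACTIVE":         # Step 4: admin reset of an active account
        return "POST", url + "?action=reset_password", {"password": new_password}
    raise ValueError(f"unexpected status {status!r}")


if __name__ == "__main__":
    from getpass import getpass    # keeps the password out of argv and shell history
    node = find_node_id(SAMPLE_NODES, "esx-01")
    method, url, body = plan_password_call(
        "nsx.example.test", node, SAMPLE_USER, getpass("New audit password: "))
    print(method, url)             # the body is deliberately not printed
```

Prompting for the password with getpass, rather than passing it on the command line, keeps the new audit credential out of process listings and shell history.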

Additional Information