1. Confirm the account expiry:

• • SSH into the SDDC Manager Appliance with the vcf user and su to root 
    • Access the SDDC Manager database and run the following select query: 
      • psql -h localhost -U postgres 
      • \c operationsmanager
      • select * from passwordmanager.credential_expiry where resource_type='VCENTER';
        1. The output will be similar to this: 
           

           -----------------------------------------------------------------------------------------------
           id              | <id>
           credential_id   | <cred_id>
           resource_fqdn   | <vCenterFQDN> 
           username        | <svcAccountUsername> 
           expiry_date     | 1970-01-01 01:00:20.233077

      2. Change the expiry on the Account:  

• • SSH into the vCenter with the root user and run the following command: 
    
    
    • /usr/lib/vmware-vmafd/bin/dir-cli user modify --account svcAccountUsername --password-never-expires
      
      Note: When entering the svcAccountUsername do not include the domain name (ie. @vsphere.local).

After modifying the password to never expire from vCenter using dir-cli, if the expiry date on the SDDC UI still reflects 1970-01-01, run the below commands to update the credential_expiry table from the database.

Note: Take a snapshot of the SDDC manager VM before you perform the update. The expiry_date value is taken as a reference from another resource type.

• psql -U postgres -h localhost


• \c operationsmanager


• update passwordmanager.credential_expiry set expiry_date='2299-01-01 01:00:20.233077' where id='<id>';