Active Directory user logged into the vSphere GUI shows a password expiration warning
Article ID: 425529
Updated On:
Products
Issue/Introduction
When logging in to the vSphere Client using an Active Directory (AD) user account, a warning message is displayed at the top of the vSphere GUI indicating that the user’s password will expire in a specified number of days (for example, “Your password will expire in 13 days”).
This message may cause confusion, as it does not clearly indicate which password is expiring.
Environment
VMware vCenter Server 7.x
VMware vCenter Server 8.x
Cause
The warning message is generated due to the Active Directory password policy applied to the domain user account used to log in to the vSphere Client
Resolution
Change the password for the affected Active Directory user account using one of the following methods:
- Active Directory Users and Computers
- The organization’s standard password management or self-service portal
After the password is updated in Active Directory, log out and log back in to the vSphere Client to confirm the warning message no longer appears
Additional Information
This behavior is expected and by design when vCenter Server is configured with an Active Directory identity source.
The vSphere Client simply displays the password expiration warning received from Active Directory; it is not related to the vCenter Server Appliance (VCSA) root password or SSO local accounts.
No configuration changes are required on the vCenter Server side.
For additional reference, see the following Broadcom Knowledge Base article:
KB 332301 – Password expiration behavior and authentication considerations
Feedback
