"Your account has expired" error when logging into Tanzu Kubernetes cluster nodes as vmware-system-user
search cancel

"Your account has expired" error when logging into Tanzu Kubernetes cluster nodes as vmware-system-user

book

Article ID: 427381

calendar_today

Updated On:

Products

VMware vSphere Kubernetes Service

Issue/Introduction

The following error occurs when attempting to connect to a node on a Tanzu Kubernetes cluster via SSH and log in with the vmware-system-user account:

# ssh vmware-system-user@###.###.###.###
(vmware-system-user@###.###.###.###) Password:
Your account has expired; please contact your system administrator.

Environment

VMware vSphere Kubernetes Service

Cause

This is caused by the expiration of the vmware-system-user account.

Resolution

  1. Log in to the vCenter Server via the vSphere Client with administrator credentials.
  2. Right-click the target node (Virtual Machine) within the cluster and select [Edit Settings..].
  3. A warning message may appear; select [YES] to proceed to the menu.
  4. Navigate to the [VM Options] tab, expand [Boot Options], and change the Boot Delay to 10000 milliseconds. Click [OK].
  5. Right-click the target node and select [Power] > [Shut Down Guest OS] to initiate the shutdown process.
  6. In the confirmation dialog, click [YES] to proceed with the shutdown.
  7. From the [Summary] tab of the target node, select [LAUNCH REMOTE CONSOLE] to connect to the virtual console.
    ※ If you do not have VMRC installed, perform the following steps instead of selecting [LAUNCH REMOTE CONSOLE]:
    1. Monitor the [Recent Tasks] pane instead of launching the Remote Console.
    2. As soon as the [Power On guest OS] task appears, select [LAUNCH WEB CONSOLE] from the node's [Summary] tab.
    3. Click [YES] on the confirmation message to continue displaying the console.
  8. If the target node is running Photon OS, press the "e" key when the boot screen appears to enter the GNU GRUB menu.
  9. Append "rw init=/bin/bash" to the end of the line starting with "linux", then press "Ctrl-x" or "F10" to exit the GNU GRUB menu and boot.
  10. Check the status of the vmware-system-user's expiration:
    chage -l vmware-system-user
  11. Set the vmware-system-user to never expire:
    chage -m 0 -M -1 vmware-system-user
  12. Confirm that the vmware-system-user is no longer expired:
    chage -l vmware-system-user

    ※ Sample:

    vmware-system-user@nodename [ ~ ]$ chage -l vmware-system-user
:::
Password expires                                        : MM DD, YYYY
:::
Account expires                                         : MM DD, YYYY
:::

vmware-system-user@nodename [ ~ ]$ sudo chage -m 0 -M -1 vmware-system-user
vmware-system-user@nodename [ ~ ]$ chage -l vmware-system-user
:::
Password expires                                        : never
:::
Account expires                                         : never
:::
  13. Reboot the target node by running:
    reboot -f

Additional Information

As a workaround, you can clear the expiration of the vmware-system-user account by following the resolution steps in the KB article below.

vmware-system-user account expired on vSphere Supervisor Workload Cluster Nodes (319375)

Japanese KB: Tanzu Kubernetes クラスタノードに vmware-system-user アカウントでログインすると "Your account has expired" エラーが表示される (427378)

Powered by Wolken Software