Many admins have already been hit by very strict password complexity requirements of new vSphere Management Assistant 5.0. Having a strict password policy is a good thing to some degree but in vMA 5.0 it goes well above and beyond of just annoying.
Fortunately there is a fix so you can get rid of this nuisance. Before you follow instructions below, please make sure that by doing so you do not violate your company security policy.
- Set valid password for vi-admin, for example Qazx123!# should do
- Login to vMA shell as vi-admin
- Elevate session as root with “sudo –s”
- Run “pam-config –d –-cracklib”, note double dashes on front of cracklib
- Exit root shell with “exit”
- Change vi-admin password with “passwd” to your liking
Above pam-config command disables cracklib in vMA PAM (pluggable authentication module) configuration, cracklib is a PAM library which is used to enforce Linux, and it this case vMA account password strength.
Tomi,
I was unable to make this work. after running the “pam-config –d –-cracklib” command I would receive this:
File /etc/pam.d/common-password is no symlink to /etc/pam.d/common-password-pc.
New config from /etc/pam.d/common-password-pc is is not in use!
So I added the following to backup the existing common-password file and replace it with the common-password-pc file.
localhost:/etc/pam.d # cp common-password common-password-old
localhost:/etc/pam.d # cp common-password-pc common-password
I was then able to exit and set a new password in my Lab kit consistent with my simple Lab password.
Paul
Hi Paul,
Great tip on cp’ing common-password-pc, but just a note, you still need to reset passwd by executing the command from the superuser account – e.g. sudo -s , passwd vi-admin.
Thanks for the tip!
Thanks everyone and Jim Bob you completed the tip very well. Worked well for me.
[...] Host Profiles Free in ESXi 5? (Virtually Ghetto) Tips and Tricks for vMA 5 (Virtually Ghetto) How-to fix vMA 5.0 password complexity issue (vReality) vSphere 5.0: ESXCLI (Yellow [...]
[...] einfacherer Passwörter zuweisen.
Für den vi-admin sähe das so aus:sudo passwd vi-admin (via) Ähnliche Beiträge:VMware ESXi: Lizenz zuweisenWährend meiner Tests mit VMware wollte ich den [...]
[...] etwas verschärfte Richtlinien für Sicherheit angelegt. Wen das stört, der kann z.B. hier eine Anleitung lesen, wie man auf weiche Passwörter umstellt. Das ist vor allem in Testumgebungen [...]
[...] has a stronger password complexity setting. In my homelab, my default password was not accepted. This post (credits go to Tomi Hakala at vReality) gives directions how to adjust the complexity settings. [...]