How-to fix vMA 5.0 password complexity issue 10

Many admins have already been hit by very strict password complexity requirements of new vSphere Management Assistant 5.0. Having a strict password policy is a good thing to some degree but in vMA 5.0 it goes well above and beyond of just annoying.

image

Fortunately there is a fix so you can get rid of this nuisance. Before you follow instructions below, please make sure that by doing so you do not violate your company security policy.

  1. Set valid password for vi-admin, for example Qazx123!# should do
  2. Login to vMA shell as vi-admin
  3. Elevate session as root with “sudo –s
  4. Run “pam-config –d –-cracklib”, note double dashes on front of cracklib
  5. Exit root shell with “exit
  6. Change vi-admin password with “passwd” to your liking

Above pam-config command disables cracklib in vMA PAM (pluggable authentication module) configuration, cracklib is a PAM library which is used to enforce Linux, and it this case vMA account password strength.

10 thoughts on “How-to fix vMA 5.0 password complexity issue

  1. Pingback: Welcome to vSphere-land! » vSphere 5 Links

  2. Reply Paul Pindell Sep 23,2011 16:45

    Tomi,

    I was unable to make this work. after running the “pam-config –d –-cracklib” command I would receive this:

    File /etc/pam.d/common-password is no symlink to /etc/pam.d/common-password-pc.
    New config from /etc/pam.d/common-password-pc is is not in use!

    So I added the following to backup the existing common-password file and replace it with the common-password-pc file.

    localhost:/etc/pam.d # cp common-password common-password-old
    localhost:/etc/pam.d # cp common-password-pc common-password

    I was then able to exit and set a new password in my Lab kit consistent with my simple Lab password.

    Paul

  3. Pingback: VMware: vMA Passwortkomplexität ändern » Admins Werk

  4. Reply Jim Bob Dec 23,2011 03:47

    Hi Paul,

    Great tip on cp’ing common-password-pc, but just a note, you still need to reset passwd by executing the command from the superuser account – e.g. sudo -s , passwd vi-admin.

    Thanks for the tip!

  5. Reply Watsh Jan 20,2012 01:04

    Thanks everyone and Jim Bob you completed the tip very well. Worked well for me.

  6. Pingback: APC Network Shutdown mit vMA und ESXi | | ElasticSkyElasticSky

  7. Pingback: vi-admin password reset on a vMA 5 « Adventures in a Virtual World

  8. Reply Batmat Apr 24,2013 16:18

    Thank you very much for this tip, very useful.

  9. Reply Mau Oct 8,2013 06:37

    Tested it in vMA 5.5.
    Works like a charm.
    Good work !

  10. Pingback: PigBlog » Blog Archive » Halt: Who Goes There?

Leave a Reply

banner