How-to fix vMA 5.0 password complexity issue

Many admins have already been hit by very strict password complexity requirements of new vSphere Management Assistant 5.0. Having a strict password policy is a good thing to some degree but in vMA 5.0 it goes well above and beyond of just annoying.

image

Fortunately there is a fix so you can get rid of this nuisance. Before you follow instructions below, please make sure that by doing so you do not violate your company security policy.

  1. Set valid password for vi-admin, for example Qazx123!# should do
  2. Login to vMA shell as vi-admin
  3. Elevate session as root with “sudo –s
  4. Run “pam-config –d –-cracklib”, note double dashes on front of cracklib
  5. Exit root shell with “exit
  6. Change vi-admin password with “passwd” to your liking

Above pam-config command disables cracklib in vMA PAM (pluggable authentication module) configuration, cracklib is a PAM library which is used to enforce Linux, and it this case vMA account password strength.

10 Replies to “How-to fix vMA 5.0 password complexity issue”

  1. Tomi,

    I was unable to make this work. after running the “pam-config –d –-cracklib” command I would receive this:

    File /etc/pam.d/common-password is no symlink to /etc/pam.d/common-password-pc.
    New config from /etc/pam.d/common-password-pc is is not in use!

    So I added the following to backup the existing common-password file and replace it with the common-password-pc file.

    localhost:/etc/pam.d # cp common-password common-password-old
    localhost:/etc/pam.d # cp common-password-pc common-password

    I was then able to exit and set a new password in my Lab kit consistent with my simple Lab password.

    Paul

  2. Hi Paul,

    Great tip on cp’ing common-password-pc, but just a note, you still need to reset passwd by executing the command from the superuser account – e.g. sudo -s , passwd vi-admin.

    Thanks for the tip!

Leave a Reply