Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Article Number: 000158231


Dell VxRail: Account and password rules in VxRail

Summary: Summary on rules for account and password that is implemented by VxRail.

Article Content


Instructions

- Accounts used during initial deployment

1. vCenter administrator account:
This is the administrator account for vCenter (VC) server. It has full authorization to all vCenter operations. For an internal VC, the account name should be administrator@vsphere.local. For external VC, customer should provide the account name with the same permission as administrator@vsphere.local. 

2. Management account:
This is the management account that is used by VxRail Manager. It is created on the PSC and each ESXi host with localos domain. In the PSC, it will get the VMware HCIA Management permission after initial deployment. In each ESXi host, it will be assigned with the administrator permission after initial deployment. The customer selects the management account username during initial deployment. For external VC, customer creates this account without any permission or any group that is assigned to it.

3. vCenter and PSC root account:
This is the existing Linux system root account in vCenter and PSC. They are used for script execution and file uploading on the VM in some workflows such as initial configuration, node addition and so forth.

4. ESXi host root account:
This is the existing ESXi system root account for each host. They are used for script execution and file uploading on the host in some workflows such as initial configuration, node addition etc.


- Account naming restrictions

1. vCenter administrator account
For internal VC, it is fixed to "administrator@vsphere.local", no other restrictions.
For external VC, it is provided by customer, no restriction from the VxRail Manger point of view.

2. Management account
For internal VC, it is chosen by customer at initial deployment. The account name must comply with restrictions by PSC and ESXi hosts.
For external VC, it is provided by the customer. The account name must comply with restrictions by PSC and ESXi hosts.
  • PSC restrictions
-- For localos domain: Match the regular expression
 [A-Za-z_][A-Za-z0-9_.-]*[A-Za-z0-9_.$-]?, up to 32 characters.
-- For customer-specified domain:  Follow the restrictions in the specific domain.
  • ESXi restrictions: Match the regular expression
    [A-Za-z_][A-Za-z0-9_-]*[A-Za-z0-9_$-]?, up to 16 characters.

3. vCenter and PSC root account
Fixed Linux system root account in vCenter and PSC, no other restrictions.

4. ESXi system root account
Fixed ESXi system root account in each ESXi host, no other restrictions.


- Password restrictions

General suggestion for all the accounts - Avoid using special characters in password, such as / ? ; , . | \ ' " & $ = ` < # 

1. vCenter administrator password:
The password that is entered for the administrator account is applied on the vCenter administrator account, vCenter, and PSC root account. The password must comply with password restrictions by vCenter and VM system policy. It is used to deploy the VM from VxRail Manager, and comply with the code restrictions by VxRail Manager.
  • vCenter software restriction: VC password policy
  • VM system policy: Refer to Linux default password restriction
  • VxRail Manager code restrictions: KB 478547 (Internal restricted article)

2. Management password:
For internal VC, management account is chosen by customer at initial deployment. Account name must comply with restrictions by PSC and ESXi hosts.
For external VC, account is provided by customer. The password should comply with restrictions on PSC and ESXi host. 
  • PSC VM system policy: Refer to Linux default password restriction
  • ESXi restriction: ESXi password policy, blank space not allowed
  • From release 4.0.0 to 4.0.200, the Secure Remote Services admin password is aligned with management password. The password must comply with Secure Remote Services admin password rule as well. Ref to KB 497857

3. vCenter and PSC root account
Same password as vCenter administrator account, refer to the above section.

4. ESXi host root account
ESXi password policy, blank space not allowed

Additional Information

The password for vCenter administrator account and vCenter and PSC root account should be aligned all the time. Password inconsistency leads to node replacement and single node addition procedure failures.

Article Properties


Product

VxRail 460 and 470 Nodes

Last Published Date

31 May 2022

Version

4

Article Type

How To