Connectrix: "svc-nxcloud" User Visible When Intersight Feature is Disabled on Switch

Beginning with Cisco NX-OS MDS9000 Release 9.3(2), the Device Connector on NX-OS feature is supported which provides a secure way for the connected devices to send information and receive control instructions from the Cisco Intersight portal, using a secure Internet connection.

The Cisco MDS9000 switch must properly resolve svc.intersight.com and allow outbound initiated HTTPS connections on port 443. To resolve svc.intersight.com, you must configure DNS on the Cisco MDS9000 devices. If a proxy is required for an HTTPS connection to svc.intersight.com, the proxy can be configured in the NXDC user interface.

The "Intersight" (NXDC) feature gets enabled by default after NX-OS 9.3(2).

After upgrade to an Intersight capable release, "svc-nxcloud" and "svc-nxcloud-1" user accounts may be visible in the running configuration even if Intersight is disabled.

Excerpts from logs:

`show feature` 

Feature Name         Instance State 

-------------------- -------- -----

intersight           1        disabled

show running-config:

username svc-nxcloud password 5 <removed>  role network-admin

username svc-nxcloud passphrase  lifetime 99999 warntime 14 gracetime 3

Cisco issue CSCwh50405
The user account is related to Intersight functions and should be disabled if Intersight is disabled.

Cisco switches were upgraded from NX-OS v9.2.1 to v9.3.2a code. After code upgrades, local users "svc-nxcloud-1" and "svc-nxcloud" with network-admin were created.

Workaround:
There is no workaround. This is cosmetic as account is not usable using real user processes that is CLI.

Disable the feature if it is not being used:
Example:

switch(config)# no feature intersight