Skip to main content
Contact Us

Dell VxRail Security Configuration Guide

PDF

Authentication

This section describes default settings and configuration options to authenticate to VxRail.

The following figure provides an overview of the authentication for VxRail:

Figure 1. VxRail authentication

VxRail authentication

Authentication overview

VxRail uses VMware SSO to authenticate users to the following components:
  • VxRail Manager in VMware vCenter Server
  • VxRail Manager REST API interface
An AD or OpenLDAP enterprise Identity Provider (IdP) may be integrated with VMware SSO. IdP integration provides centralized password and account policy management to align with your security standards and policies.

VxRail account definitions

The following table provides definitions of VxRail accounts:

Table 1. VxRail accountsVxRail accounts
Component User ID Privileges or roles Purpose Initialization Customer updated VxRail stored
iDRAC root Admin iDRAC administration Set by the customer after deployment Yes No
VMware vCenter Server Appliance administrator@vsphere.local Admin VMware vCenter Server administration Set by the customer at the first run Yes No
VMware vCenter Server Appliance Customer defined VMware HCIA management VxRail management Set by the customer at the first run Yes VxRail Lockbox
VMware vCenter Server Appliance root Admin Operating system administration Set by the customer at the first run Yes No
VxRail Manager root Admin Operating system administration Set by the customer at the first run Yes No
VxRail Manager service user Service user Set by the customer at the first run Yes No
VxRail Manager mystic user Basic diagnostic user Set by the customer at the first run Yes No
VxRail Node root Admin VMware ESXi administration Set by the customer at the first run Yes No
VxRail Node Customer defined Admin VxRail management Set by the customer at the first run Yes VxRail Lockbox

VxRail password rotation

For VxRail 8.0.210 and later, you can rotate passwords for the VxRail accounts.

The following table provides the steps to rotate passwords:

Table 2. Rotate component passwordsRotate component passwords.
Component User ID Instructions
iDRAC root
  1. Click an ESXi menu tree node on VxRail Manager.
  2. Select the Configure tab.
  3. Select VxRail > iDRAC Configuration.
  4. Click Edit in the Users window.
  5. Follow the prompts of the wizard to complete the password rotation.
For more information, see Update the iDRAC user account and validate the current password .
VMware vCenter Server Appliance administrator@vsphere.local Change Your vCenter Single Sign-On Password
VMware vCenter Server Appliance Customer defined (VxRail 8.0.210 and later)
  1. Click a cluster menu tree node on VxRail Manager.
  2. Select the Configure tab.
  3. Select VxRail > Security.
  4. Select the Credentials tab and click Edit.
  5. Follow the prompts of the wizard to complete the password rotation.
For more information, see Update the management user passwords (v3).
VMware vCenter Server Appliance rootChange Your vCenter Single Sign-On Password
VxRail Manager rootservicemystic VxRail: Changing VxRail Service VM passwords
VxRail Node rootChanging an ESXi host root password
VxRail Node Customer defined (VxRail 8.0.320 and later)
  1. Click a cluster menu tree node on VxRail Manager.
  2. Select the Configure tab.
  3. Select VxRail > Security.
  4. Select one host and click Edit.
  5. Select the VMware ESXi host management password in the Configure item.
  6. Enter the current and new password and click APPLY.
For more information, see Update the management user passwords (v3).

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\