I was asked today to look at an issue where backups of our virtual machines on VMware ESX had started to fail.
We use Vizioncore’s vRanger Pro for backing up the VM’s and it has a “user account” on each of the VMware ESX servers.
After a quick look, I figured out what had happened. Password aging was set to require a password change every 90 days. Since we don’t “interactively” log on to the ESX servers with this user account, however, we didn’t see the warnings.
We currently don’t have a “you must change your password every x days” policy because we have a policy requiring long, complex passwords. Because of this we didn’t want to change those passwords every 90 days per the default.
The fix was simply to disable password aging for vRanger Pro’s user account on the ESX servers.
# passwd -x 99999 -w 7 -n 0 vranger
Note: The “-w 7 -n 0” is probably unnecessary, but keeps this account’s settings consistent with the others in our environment.