Managing the Single Sign-On Password Policy
When installing the vCenter Platform Service Controller (PSC), a default Single Sign-On (SSO) domain is created. By default, this domain is vsphere.local, but with vSphere 6.0, this domain can be defined by the user during the installation.
The vsphere.local domain becomes an identity source for SSO. Users within this identity source can be configured to administer SSO. These users can also be assigned permissions within vCenter. Each user authenticates using a password. Password lifetime, complexity, and how to handle failed login attempts are configured by the policy in SSO. These policies should be configured to maintain compliance with the security requirements of the design.
How to do it…
To configure SSO password policies, perform the following steps:
- Use the vSphere Web Client to access the SSO configuration and policies. Password Policy is shown in the following screenshot:
- Edit Password Policy to set the password expiration and complexity...