vSphere 6.5 – vCSA Update Root Password Expiry

This post is applicable to customers using VMware vCenter Server Appliance 6.5.


  1. You update your vCSA 6.5 instance to 6.5 U1a.
  2. After the update is completed successfully, the root Password Expiry Policy is enabled with 365 days, when it was previously disabled.
  3. This introduces operational risk to your environment where you could be locked out of the root account after a year has elapsed.

Update: VMware has informed me that this is a known issue to be corrected in a future update.

Continue reading