As of VCF 3.9.0 (VxRail 4.7.300) there is a requirement for dual authentication in the form of a privileged user. In addition to configuring NSX Manager backups this privileged user is required to perform tasks associated with managing passwords such as:
- Updating Passwords
- Rotating Passwords
- Performing a look up of credentials
The privileged user is created as an SSO user leveraging the vSphere HTML client as follows:
Log into vCenter and navigate to Administration -> Single Sign On -> Users and Groups, select your appropriate domain and click ‘Add User’, provide a username and password and click ‘ADD’:
Next create a new group named ‘Sddc_secured_access’ and add the newly create user ‘priv_user’:
SDDC Manager Dual Authentication configured! I will provide working examples of where this privileged user gets leveraged in later posts.