As of VCF 3.9.0 (VxRail 4.7.300) there is a requirement for dual authentication in the form of a privileged user. In addition to configuring NSX Manager backups this privileged user is required to perform tasks associated with managing passwords such as:

  • Updating Passwords
  • Rotating Passwords
  • Performing a look up of credentials

The privileged user is created as an SSO user leveraging the vSphere HTML client as follows:

Log into vCenter and navigate to Administration -> Single Sign On -> Users and Groups, select your appropriate domain and click ‘Add User’, provide a username and password and click ‘ADD’:


Next create a new group named ‘Sddc_secured_access’ and add the newly create user ‘priv_user’:


SDDC Manager Dual Authentication configured! I will provide working examples of where this privileged user gets leveraged in later posts.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s