How to login to NSX-T Manager using NSX-T Local account

By default, NSX-T appliances have only two built-in users: admin and audit. In the larger organization, we need Role-based access control to access any application. The same applies to NSX-T as well. We can integrate NSX-T with VMware Identity Manager (vIDM) and configure role-based access control (RBAC) for users that vIDM manages. With VMware Identity Manager, you can set up and manage authentication methods and access policies, customize a catalog of resources for your organization’s applications and provide a secure multi-device managed user access to those resources.

To set up Role-based access for NSX-T, we need to integrate NSX-T with VMware Identity Manager. Before we integrate NSX-T with VIDM, we need to configure the directory services integration with the VMware Integrity manager.

After you set up the NSX-T with the VMware Identity Manager, NSX-T no longer provides the option to local login to NSX-T Manager using an admin account. It will always by default redirect to the SAML source (VIDM) login.

This is good to redirect to the SAML login and you will be able to log in with your active directory credentials but what will happen if your VIDM is having some issues or VIDM is down.

By default, NSX-T Manager redirects to the SAML source with VIDM. If VIDM is broken, It won’t allow the option to log in to the NSX-T Manager. Till NSX-T version 2.3, If NSX-T is integrated with VIDM you would get a choice during the login which type of account you are going to provide (remote or local). From NSX-T version 2.4, you will no longer get the option and will always default to the SAML source (VIDM).

Since VIDM is broken or down, We won’t be able to login to NSX-T Manager via VIDM. So only option to log in to the NSX-T manager using the Local account such as “admin”. But we don’t get the option login using local admin.

Then, How can we log in to the NSX-T Manager using a local account?

To force the NSX-T manager login with a local account provide this specific URL:

https://<NSX-T_FQDN/IP>/login.jsp?local=true

 

NSX-T Local Account login

I hope this is a simple article that will definitely helps you to quickly login to NSX-T Manager using Local account login by just forcing it via the NSX-T manager URL. This will be extremely useful especially when we are troubleshooting VIDM issues or other NSX-T related issues.

I hope this is informative for you. Thanks for Reading!!!. Be social and share it on social media, if you feel worth sharing it.