Cannot add ESXi host back to vCenter – “Weak password, too short”
Symptom
You have disconnected and removed your ESXi host from the vCenter for any reason and when you wanted to add it back and after you finished with the “Add Host…” wizard, you get the following error message: “A general system error occurred: Weak password: too short. *** passwd: Authentication token manipulation error”
Cause
In my case the main issue was that because security reason we set a strict password policy to allow passwords only if it is forty (40) characters long. When the vCenter try to create/update the vpxuser’s password it is going to be failed because the password complexity is stricter than what the vCenter want to set.
To verify your password complexity login to your currently standalone ESXi host with the root account and navigate to Manage > System > Advanced settings and type Security.PasswordQualityControl to the search field. Its default value is “retry=3 min=disabled,disabled,disabled,7,7” but in my case, because the mentioned security thing it is modified to “retry=3 min=disabled,disabled,disabled,40,40”.
Solution
The good news is you do not need to modify the root account’s password to solve this issue. To be able to add your ESXi host back to the vCenter just follow these steps:
- Log in to the standalone ESXi host if you are not already logged in
- Navigate to Manage > System > Advanced settings and type Security.PasswordQualityControl to the search field, select the setting and click to “Edit option”
- Edit the value to be the default “retry=3 min=disabled,disabled,disabled,7,7” one then click to Save
- Log in to the vCenter and start the “Add Host…” wizard. Enter the “Name and location” then enter the “Connection settings” then Next
- The “Host summary” page should be visible
- Finish the wizard
- Now the ESXi host should be available in the vCenter
- Go back to the ESXi host’s GUI and set back the Security.PasswordQualityControl advanced settings to its previous value and Save the modification
