ESXi: esxi-8.account-auto-unlock-time

Information

The ESXi host must unlock accounts after a specified timeout period. This ensures that user accounts on the ESXi host are automatically unlocked after a defined period of inactivity. By enforcing automatic account unlocking, organizations can maintain a balance between security and usability, ensuring that idle accounts are reactivated promptly while minimizing the potential for unauthorized access.

Solution

PowerCLI Command Assessment Example: Get-VMHost -Name $ESXi | Get-AdvancedSetting Security.AccountUnlockTime

See Also

https://github.com/vmware/vcf-security-and-compliance-guidelines/raw/refs/heads/main/security-configuration-hardening-guide/vsphere/8.0/