Forum Discussion

starboy9's avatar
5 years ago

Bad Credential Monitoring


I have recently seen an issue with the LM service taking down a few ESX hosts.  The issue appears to have been caused by inadvertently applying ESXi credentials from the parent group.  What had happened was that once the systems were moved into monitoring, the credentials that were imported to the root directory were used for discovery.  This caused the root account to be locked out and then hostd service to become so overwhelmed that the hosts needed to be restarted.  Esentially it was DDoS'ing the systems so they needed to be rebooted after the LM services were stopped.  Below is the KB from VMware regarding the issues that were caused.

Are we able to put in place something that will stop the authentication requests if there is "X" number of failed login attempts?

Thanks in Advance.