Skip to main content
NetApp Knowledge Base

CONTAP-618601: security login role config option change-delay is not effective after setting the value to 1

  1. Last updated
  2. Save as PDF
Views:
3
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
core
Last Updated:

Issue

  • After modifying the option '-change-delay' to 1 day which from role config of the admin role, the admin user cannot change the password in that day but it be able to change the password randomly after 1 days later.

cluster1::> security login role config show -role admin -vserver cluster1
Vserver: cluster1
Role Name: admin
Require Initial Password Update on First Login: disabled
Delay Between Password Changes (Days): 1
cluster1::> security login password -username admin
Enter your current password:
Enter a new password:
Enter it again:
Error: command failed: Minimum password change interval (days): 1.
cluster1::> date
Node Date Time zone
--------- ------------------------ -------------------------
cluster1-01
Fri Feb 20 05:44:08 2026 Etc/UTC
cluster1-02
Fri Feb 20 05:44:08 2026 Etc/UTC
2 entries were displayed.
cluster1::> date
Node Date Time zone
--------- ------------------------ -------------------------
cluster1-01
Mon Feb 23 00:00:04 2026 Etc/UTC
cluster1-02
Mon Feb 23 00:00:03 2026 Etc/UTC
2 entries were displayed.
cluster1::> security login password -username admin
Enter your current password:
Enter a new password:
Enter it again:
cluster1::> security login password -username admin
Enter your current password:
Enter a new password:
Enter it again:
cluster1::>

  • After modifying the option '-change-delay' to 1 day and enable the option '-require-initial-passwd-update' which from role config of the admin role, then create a new admin user to prompt the new password, the new admin user be able to change the password randomly within 1 day.


cluster1::> security login role config show -vserver cluster1 -role admin
Vserver: cluster1
Role Name: admin
Require Initial Password Update on First Login: enabled
Delay Between Password Changes (Days): 1
cluster1::> security login create -user-or-group-name admin1 -authentication-method password -application ssh -role admin
Please enter a password for user 'admin1':
Please enter it again:
login as: admin1
Keyboard-interactive authentication prompts from server:
| Password:
End of keyboard-interactive prompts from server
Last login time: 11/25/2025 05:24:55
Unsuccessful login attempts since last login: 3
Your password has expired. Choose a new password.
Enter a new password:
Enter it again:
cluster1::> security login password -username admin1
Enter your current password:
Enter a new password:
Enter it again:

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.