Hi,
I'm trying to change all the root passwords by cluster name. I can't get it to work, I don't know what I'm doing wrong. Can someone please help? Here is what I've been trying, but it's not working:
# Clear display
Clear-Host
# Import required modules#
Import-Module VMware.PowerCLI
# Define static variables (edit as needed)
$Cluster = 'RegionA01-COMP01'
$NewPwd = 'HelloWorld$'
$vCenter = 'vcsa-01a.corp.local'
# Connect to vCenter
Connect-VIServer -Server $vCenter -Force | Out-Null
# Begin transcript
$TodaysDate = (Get-Date).ToString("yyyyMMdd")
if (!(Test-Path -Path "c:\scripts\results")) {New-Item -Path "c:\scripts\" -Name results -ItemType Directory}
Start-Transcript C:\scripts\results\$TodaysDate.$Cluster-host_root_pwd_chg.txt -Append
# Create a variable array for all hosts
$VMhosts = Get-Cluster -Name $Cluster | Get-VMHost | Select-Object Name -ExpandProperty Name
# Begin loop to reset password for hosts within the $Cluster defined variableForeach ($VMhost in $VMHosts)
{
# Connect to the host, change the root password on the host, then disconnect from the host Connect-VIServer -Server $VMhost -Force | Out-Null
Set-VMHostAccount -UserAccount root -Password $NewPwd -Verbose -ErrorAction Continue | Format-Table -AutoSize
Disconnect-VIServer -Server $VMhost -Confirm:$false | Out-Null}
# Disconnect from vCenter
Disconnect-VIServer -Server $vCenter -Confirm:$false | Out-Null
# End transcriptStop-Transcript
If it helps, I have been trying to test this on this Hands-On Lab. They have public/private keys for auto-login, so you have to disable that to test the password change.
If you help, can you please include the entire script from start to finish so I can just throw it straight into a ps1 file? I'm desperate to get this working.
Thank you in advance!
Something like this?
$pswd = 'VMware1!'
$newPswd = 'VMware2!'
$vcName = Read-Host -Prompt "vCenter"
$clusterName = Read-Host -Prompt "Cluster"
Connect-VIServer -Server $vcName
$esxServers = Get-Cluster -Name $clusterName | Get-VMHost
foreach($esx in $esxServers){
$srv = Connect-VIServer -Server $esx.Name -User $user -Password $pswd 4> $null
if($srv){
Set-VMHostAccount -UserAccount $user -Password $newPswd -Server $srv -Confirm:$false
Disconnect-VIServer -Server $esx.Name -Confirm:$false
}
else{
Write-Host "Logon failed $($esx.Name)"
}
}
Disconnect-VIServer -Server $vcName -Confirm:$false
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I think I already answered your question before, see Re: Change Passwords On All ESXi Hosts
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Sorry about that, I missed it. Someone told me to start a new thread. I will test it tomorrow! Thank you so much.
LucD: (Or anyone that wants to contribute)
I tried the following your suggestion code, and here is what I got:
(I used the HOL: HOL-2012-01-SDC - VMware vSphere Automation - PowerCLI - Because I don't have a lab environment right now. Hoping to get Lab Connect in the future) In the lab they have auto login with root with certificates, but I followed this https://cormachogan.com/2016/04/13/ssh-esxi-hosts-without-providing-password/ , so I can disable the root password auto feature so I can test it. But I didn't even get that far if you see the red error messages below.
Can you help make this work? Thank you very much. ( I have to snap pictures because I can't copy text from the HOL to my local computer, but I can copy text from my computer to the HOL. )
Thank you.
The variable $esxName is not initialised, that line should be
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Okay thanks. I'll give that a try.
Hi, I tried the change. Here is the error I'm getting now:
Is there a way around this? Thank you for all your help!
The function Set-EsxHost is a function that the submitter of the original thread created.
It is not a PowerCLI cmdlet.
If you want to use it, you will have to include the function.
See Re: Change Passwords On All ESXi Hosts for the function.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Hi again,
I'm really lost. can we forget about the other function and start from scratch? I should have just asked this to begin with, but I was trying to learn along the way, but now I'm kind of desperate. I'm getting better though!
I've learned a lot through this process, but by any chance can you just help me write a complete script from scratch that will change all the ESXi passwords by vCenter, and then by Cluster name? Which I can simply through in a .ps1 file and be on my way? Then I can get my project done. I'd appreciate it it big time!
I saw this post by you which seems similar: /thread/600433 , it just needs the cluster information put in. I can't change all the passwords at once, because we share the vCenter with others, and I don't want to accidentally wipe out their password, so that's why I want to set a variable with the cluster name.
This is the version of PowerCLI in the lab:
Name: Windows Powershell ISE Host
Version: 5.1.14409.1018
Thank you so much, and I apologize about asking so many questions and making it confusing.
Do you have a link to that thread?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Are you referring to your thread I mentioned? It's this one:
communities.vmware.com/thread/600433
Otherwise these are the other two threads I don't really need anymore:
communities.vmware.com/thread/625346
communities.vmware.com/thread/621027
I just simply need a good script I can input the vCenter in and the clustername, and then run it, and it will change every hosts root password which I can define in a variable.
I haven't been having luck with anything I've been trying thus far. :smileyconfused:
Thank you!
Something like this?
$pswd = 'VMware1!'
$newPswd = 'VMware2!'
$vcName = Read-Host -Prompt "vCenter"
$clusterName = Read-Host -Prompt "Cluster"
Connect-VIServer -Server $vcName
$esxServers = Get-Cluster -Name $clusterName | Get-VMHost
foreach($esx in $esxServers){
$srv = Connect-VIServer -Server $esx.Name -User $user -Password $pswd 4> $null
if($srv){
Set-VMHostAccount -UserAccount $user -Password $newPswd -Server $srv -Confirm:$false
Disconnect-VIServer -Server $esx.Name -Confirm:$false
}
else{
Write-Host "Logon failed $($esx.Name)"
}
}
Disconnect-VIServer -Server $vcName -Confirm:$false
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
LucD,
I'm glad I found this particular script in some of your other threads. If I didn't point this one out, would you have pretty much suggested the same thing?
One thing I had to pull out was the: Read-Host -Prompt I was wondering why that was in the code? I just commented it out here, but in my real script, I just yanked it out in both lines. Then everything worked out pretty great. I just need to test it in Production on Monday, then I'll award you the points. Since you're a moderator, can you delete the other two threads? Those aren't needed and are confusing. This one is good for others to view and use. Thank you for everything.
$user = 'root'
$pswd = 'VMware1!'
$newPswd = 'VMware2!'
$vcName = <#Read-Host -Prompt#> "vcsa-01a.corp.local"
$clusterName = <#Read-Host -Prompt#> "RegionA01-COMP01"
Connect-VIServer -Server $vcName
$esxServers = Get-Cluster -Name $clusterName | Get-VMHost
foreach($esx in $esxServers){
$srv = Connect-VIServer -Server $esx.Name -User $user -Password $pswd 4> $null
if($srv){
Set-VMHostAccount -UserAccount $user -Password $newPswd -Server $srv -Confirm:$false
Disconnect-VIServer -Server $esx.Name -Confirm:$false
}
else{
Write-Host "Logon failed $($esx.Name)"
}
}
Disconnect-VIServer -Server $vcName -Confirm:$false
I removed the other two threads
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference