VMware Cloud Community
Mr_G_Grant
Enthusiast
Enthusiast
‎09-08-2010 04:53 AM
Jump to solution

Bulk Change Root Password

Hi Guy's,

I am trying to run the following script on vSphere 4.0 but it keeps crashing saying:

" Cannot validate argument on parameter 'Id'. The argument is null or empty. Supply an argument that is not null or empty and then try the command again. At :line:37 char:26 + $acctMgr = Get-View -Id <<<< $si.content.accountmanager"

The Script: *Taken from http://www.van-lieshout.com/2009/02/bulk-change-your-esx-root-password/

#

  1. This script changes the root password on all ESX hosts in the esxservers.txt textfile

#

  1. Add VI-toolkit #

#Add-PSsnapin VMware.VimAutomation.Core

#Initialize-VIToolkitEnvironment.ps1

  1. Get old root credential

$oldrootPassword = Read-Host "Enter old root password" -AsSecureString

$oldrootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$oldrootPassword

  1. Get new root credential

$newrootPassword = Read-Host "Enter new root password" -AsSecureString

$newrootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$newrootPassword

$newrootPassword2 = Read-Host "Retype new root password" -AsSecureString

$newrootCredential2 = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$newrootPassword2

  1. Compare passwords

If ($newrootCredential.GetNetworkCredential().Password -ceq $newrootCredential2.GetNetworkCredential().Password) {

  1. Create new root account object

$rootaccount = New-Object VMware.Vim.HostPosixAccountSpec

$rootaccount.id = "root"

$rootaccount.password = $newrootCredential.GetNetworkCredential().Password

$rootaccount.shellAccess = "/bin/bash"

  1. Get list of Host servers from textfile to change root password on

Get-Content esxservers.txt | %{

Connect-VIServer $_ -User root -Password $oldrootCredential.GetNetworkCredential().Password -ErrorAction SilentlyContinue -ErrorVariable ConnectError | Out-Null

If ($ConnectError -ne $Null) {

Write-Host "ERROR: Failed to connect to ESX server:" $_

}

Else {

$si = Get-View ServiceInstance

$acctMgr = Get-View -Id $si.content.accountmanager

$acctMgr.UpdateUser($rootaccount)

Write-Host "Root password successfully changed on" $_

Disconnect-VIServer -Confirm:$False | Out-Null

}

}

}

Else {

Write-Host "ERROR: New root passwords do not match. Exiting..."

}

My Powershell skills are still very basic but in progress none the less :smileyblush: .

Would anybody be able to explain why this is crashing and how i can resolve it?

Many Thanks in advance

0 Kudos
1 Solution

Accepted Solutions
Mr_G_Grant
Enthusiast
Enthusiast
‎09-08-2010 05:43 AM
Jump to solution

Very strange but this script is working now and i didn't change anything!?

All i did was close PowerGui Script Editor then open it again when i got your second reply. Very strange indeed but i guess i got a lot to learn about Powershell still!

Thanks for your quick replies though!

View solution in original post

0 Kudos
4 Replies
ykalchev
VMware Employee
VMware Employee
‎09-08-2010 05:01 AM
Jump to solution

Hi,

The HostLocalAccountManager object exists only when connected directly to ESX(i) server and may be this is the reason for the error.

Can you check that esxservers.txt contains only names of the ESX hosts but not vCenter servers?

Regards,

Yasen Kalchev

PowerCLI Dev Team

Yasen Kalchev, vSM Dev Team
0 Kudos
Mr_G_Grant
Enthusiast
Enthusiast
‎09-08-2010 05:19 AM
Jump to solution

I can confirm it only contains a list of three vSphere servers in FQDN format.

0 Kudos
ykalchev
VMware Employee
VMware Employee
‎09-08-2010 05:30 AM
Jump to solution

Do you have enough permissions to do this operations? I think the required privilege is Host.Local.ManageUserGroups.

BTW the script can be simplified just using Get-VMHostAccount & Set-VMHostAccount cmdltes.They also provide esx connection validation for you.

$oldrootPassword = Read-Host “Enter old root password” -AsSecureString
$oldrootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist “root”,$oldrootPassword

# Get new root credential
$newrootPassword = Read-Host “Enter new root password” -AsSecureString
$newrootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist “root”,$newrootPassword
$newrootPassword2 = Read-Host “Retype new root password” -AsSecureString
$newrootCredential2 = new-object -typename System.Management.Automation.PSCredential -argumentlist “root”,$newrootPassword2

# Compare passwords
If ($newrootCredential.GetNetworkCredential().Password -ceq $newrootCredential2.GetNetworkCredential().Password) {

    # Get list of Host servers from textfile to change root password on
    Get-Content esxservers.txt | %{
        Connect-VIServer $_ -User root -Password $oldrootCredential.GetNetworkCredential().Password -ErrorAction SilentlyContinue -ErrorVariable ConnectError | Out-Null
        If ($ConnectError -ne $Null) {
            Write-Host “ERROR: Failed to connect to ESX server:” $_
        } Else {
            Get-VMHostAccount root | Set-VMHostAccount -Password $newrootCredential.GetNetworkCredential().Password
            Write-Host “Root password successfully changed on” $_
            Disconnect-VIServer -Confirm:$False | Out-Null
        }
    }
} Else {
    Write-Host “ERROR: New root passwords do not match. Exiting…”
}

Regards,

Yasen Kalchev

PowerCLI Dev Team

Yasen Kalchev, vSM Dev Team
Mr_G_Grant
Enthusiast
Enthusiast
‎09-08-2010 05:43 AM
Jump to solution

Very strange but this script is working now and i didn't change anything!?

All i did was close PowerGui Script Editor then open it again when i got your second reply. Very strange indeed but i guess i got a lot to learn about Powershell still!

Thanks for your quick replies though!

0 Kudos