Here is what I tried based on the other script and the errors I am getting.

$rootUser = 'root'

$rootPswd = '*****'

$userName = 'SOLSNMP'

$esxName = 'pcoesxvm02.sgsolutions.local'

$esx = Get-VMHost -Name $esxName

Connect-VIServer -Server $esx.Name -User $rootUser -Password $rootPswd > $null

Try{

    $user = Get-VMHostAccount -User $userName -Server $esx.Name -ErrorAction Stop

}

Catch{

    $user = New-VMHostAccount -Id $userName -Password $pswd -GrantShellAccess -Server $esx.Name

}

$perm = Get-VIPermission -Principal $userName -Server $esx.Name

if(!$perm){

    $root = Get-Folder -Name root -Server $esx.Name

    New-VIPermission -Entity $root -Principal $userName -Role Read-only -Server $esx.Name

}

>>

New-VMHostAccount : Cannot bind argument to parameter 'Password' because it is

null.

At line:5 char:55

+     $user = New-VMHostAccount -Id $userName -Password $pswd

-GrantShellAccess -S ...

+                                                       ~~~~~

    + CategoryInfo          : InvalidData: (:) [New-VMHostAccount], ParameterB

   indingValidationException

    + FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,V

   Mware.VimAutomation.ViCore.Cmdlets.Commands.Host.NewVMHostAccount

PowerCLI C:\> $perm = Get-VIPermission -Principal $userName -Server $esx.Name

Get-VIPermission : 9/19/2017 3:40:56 PM    Get-VIPermission        Could not

find VIAccount with name 'SOLSNMP'.

At line:1 char:9

+ $perm = Get-VIPermission -Principal $userName -Server $esx.Name

+         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : ObjectNotFound: (SOLSNMP:String) [Get-VIPermissi

   on], VimException

    + FullyQualifiedErrorId : Core_ObnSelector_SelectObjectByNameCore_ObjectNo

   tFound,VMware.VimAutomation.ViCore.Cmdlets.Commands.PermissionManagement.G

  etVIPermission

Get-VIPermission : 9/19/2017 3:40:56 PM    Get-VIPermission        VIAccount

parameter: Could not find any of the objects specified by name.

At line:1 char:9

+ $perm = Get-VIPermission -Principal $userName -Server $esx.Name

+         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : ObjectNotFound: (VMware.VimAutom...unt[] Princip

   al:RuntimePropertyInfo) [Get-VIPermission], ObnRecordProcessingFailedExcep

  tion

    + FullyQualifiedErrorId : Core_ObnSelector_SetNewParameterValue_ObjectNotF

   oundCritical,VMware.VimAutomation.ViCore.Cmdlets.Commands.PermissionManage

  ment.GetVIPermission

PowerCLI C:\> if(!$perm){

>>     $root = Get-Folder -Name root -Server $esx.Name

>>     New-VIPermission -Entity $root -Principal $userName -Role Read-only -Serv

er $esx.Name

>> }

>>

Get-Folder : 9/19/2017 3:40:56 PM    Get-Folder        Folder with name 'root'

was not found using the specified filter(s).

At line:2 char:13

+     $root = Get-Folder -Name root -Server $esx.Name

+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : ObjectNotFound: (:) [Get-Folder], VimException

    + FullyQualifiedErrorId : Core_OutputHelper_WriteNotFoundError,VMware.VimA

   utomation.ViCore.Cmdlets.Commands.GetFolder

New-VIPermission : Cannot validate argument on parameter 'Entity'. The

argument is null or empty. Supply an argument that is not null or empty and

then try the command again.

At line:3 char:30

+     New-VIPermission -Entity $root -Principal $userName -Role Read-only

-Server  ...

+                              ~~~~~

    + CategoryInfo          : InvalidData: (:) [New-VIPermission], ParameterBi

   ndingValidationException

    + FullyQualifiedErrorId : ParameterArgumentValidationError,VMware.V

The $Pswd variable hasn't been instantiated.

You should have a line with the following at the beginning (update the password).

Ok that worked now how do I send it a list of Hosts from vCenter so I can add this account to all of my hosts.

In one of the versions of the script, it runs through all the ESXi nodes.

foreach ($esx in Get-VMHost){

But you can use any selection criteria to "get" the ESXi nodes that you want to use.

For example from a text file

Here is what I am trying and when I run it for a single machine it works but when I try and run it with the text file it seems to complete I get no errors but I also don't get the accounts.

$rootUser = 'root'

$rootPswd = '2***'

$userName = 'SOLSNMP'

$Pswd = '*****'

$esx = Get-VMHost -Name $esxName

foreach($esx in (Get-VMHost -Name (Get-Content -Path C:\ESXi_Root_Password_Reset\esxservers.txt))){

}

Connect-VIServer -Server $esx.Name -User $rootUser -Password $rootPswd > $null

Try{

    $user = Get-VMHostAccount -User $userName -Server $esx.Name -ErrorAction Stop

}

Catch{

    $user = New-VMHostAccount -Id $userName -Password $pswd -GrantShellAccess -Server $esx.Name

}

$perm = Get-VIPermission -Principal $userName -Server $esx.Name

if(!$perm){

    $root = Get-Folder -Name ha-folder-root -Server $esx.Name

    New-VIPermission -Entity $root -Principal $userName -Role readonly -Server $esx.Name

}

Disconnect-VIServer -Server $esx.Name -Confirm:$false

Not sure how you have time to work on this so quickly but you are not being paid enough

Thanks this saved me a huge amount of work.

Bob K

LucD I follow you all the time especially as relates to PowerCLI & I'm using this script. Appreciate it.

Wanted to point out I received an error on vSphere 6.5 - looks like the folder path changed from vSphere 6.0 (which I'm certain you already know but wanted to help anyone having the same issue)

$root = Get-Folder -Name ha-folder-root -Server $esx.Name

For vSphere 6.5 Should be

$root = Get-Folder -Name root -Server $esx.Name

Hope this helps someone moving forward

Thanks for sharing that!

One way to make the above code usable across different vSphere version, is to find the name of the rootfolder dynamically.

Something like this

Need to use Host from TXT file, also all Host have different admin account. So it would take admin user and password saved in the same file.

Hi Lucd

When i try to pass the value through arguments to the below script , it displays error. 

param ( $rootUser, $rootPswd,$userName,$Pswd,$esx)

Connect-VIServer -Server $esx -User $rootUser -Password $rootPswd > $null

$perm = Get-VIPermission -Principal $userName -Server $esx

if(!$perm){

$root = Get-Folder -Name ha-folder-root -Server $esx

New-VIPermission -Entity $root -Principal $userName -Role Admi -Server $esx

}

Disconnect-VIServer -Server $esx -Confirm:$false

Could you please help me

Which error?

Is this script works for ESXi 7, I am receiving error for folder ha-folder-root.

Error : Folder with name 'ha-folder-root' was not found using the specified filter(s).

Are you connected to the ESXi node or to the vCenter?
That folder is only available when connected to the ESXi node.

I figured out.. thank you It saved my day

I connected to vCenter.. in esxi 7 .. its root folder.. just changed the folder name and it worked.. thank you so much.. really appreciate your help..  🙂