We currently use the below script to change the root password but we need one to change a non root account that does not have access the same way root does.
So if this script could be changed to log into each server with root and then change a non root account's password that would be helpfull.
Any help would be appreciated.
-Steve
#
# This script changes the root password on all ESX hosts in the esxservers.txt textfile
#
# Add VI-toolkit #
Add-PSsnapin VMware.VimAutomation.Core
Initialize-VIToolkitEnvironment.ps1
# Get old root credential
$oldrootPassword = Read-Host "Enter old root password" -AsSecureString
$oldrootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$oldrootPassword
# Get new root credential
$newrootPassword = Read-Host "Enter new root password" -AsSecureString
$newrootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$newrootPassword
$newrootPassword2 = Read-Host "Retype new root password" -AsSecureString
$newrootCredential2 = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$newrootPassword2
$WarningPreference = "SilentlyContinue"
# Compare passwords
If ($newrootCredential.GetNetworkCredential().Password -ceq $newrootCredential2.GetNetworkCredential().Password) {
# Create new root account object
$rootaccount = New-Object VMware.Vim.HostPosixAccountSpec
$rootaccount.id = "root"
$rootaccount.password = $newrootCredential.GetNetworkCredential().Password
$rootaccount.shellAccess = "/bin/bash"
# Get list of Host servers from textfile to change root password on
Get-Content esxservers.txt | %{
Connect-VIServer $_ -User root -Password $oldrootCredential.GetNetworkCredential().Password -ErrorAction SilentlyContinue -ErrorVariable ConnectError | Out-Null
If ($ConnectError -ne $Null) {
Write-Host "ERROR: Failed to connect to ESX server:" $_
}
Else {
$si = Get-View ServiceInstance
$acctMgr = Get-View -Id $si.content.accountManager
$acctMgr.UpdateUser($rootaccount)
Write-Host "Root password successfully changed on" $_
Disconnect-VIServer -Confirm:$False | Out-Null
}
}
}
Else {
Write-Host "ERROR: New root passwords do not match. Exiting..."
}
Try something like this.
It will first prompt for the root password of the ESX(i) servers.
Then the name of the account, followed by the 2 times the new password
# # This script changes the password of an account on all ESX hosts in the esxservers.txt textfile
# # Add VI-toolkit
#
Add-PSsnapin VMware.VimAutomation.Core
Initialize-VIToolkitEnvironment.ps1 # Get root password
$rootPassword = Read-Host "Enter root password" -AsSecureString
$rootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$rootPassword # Get account to change
$account = Read-Host "Enter account"
# Get new account credential
$newaccountPassword = Read-Host "Enter new password" -AsSecureString
$newaccountCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist $account,$newaccountPassword
$newaccountPassword2 = Read-Host "Retype new password" -AsSecureString
$newaccountCredential2 = new-object -typename System.Management.Automation.PSCredential -argumentlist $account,$newaccountPassword2
$WarningPreference = "SilentlyContinue" # Compare passwords
If ($newaccountCredential.GetNetworkCredential().Password -ceq $newaccountCredential2.GetNetworkCredential().Password) { # Create new root account object
$accountSpec = New-Object VMware.Vim.HostPosixAccountSpec
$accountSpec.id = $account
$accountSpec.password = $newaccountCredential.GetNetworkCredential().Password $accountSpec.shellAccess = "/bin/bash" # Get list of Host servers from textfile to change account password on
Get-Content esxservers.txt | %{ Connect-VIServer $_ -User root -Password $rootCredential.GetNetworkCredential().Password -ErrorAction SilentlyContinue -ErrorVariable ConnectError | Out-Null
If ($ConnectError -ne $Null) { Write-Host "ERROR: Failed to connect to ESX server:" $_
} Else { $si = Get-View ServiceInstance
$acctMgr = Get-View -Id $si.content.accountManager $acctMgr.UpdateUser($accountSpec) Write-Host "$account password successfully changed on" $_
Disconnect-VIServer -Confirm:$False | Out-Null
} } } Else { Write-Host "ERROR: New $account passwords do not match. Exiting..."
}
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Can't you just use the same script ?
Just add a prompt for the account you want to change the password for and create the PSCredential object for this account instead of for the root account.
Then you connect as root to each ESX(i) server and use the UpdateUser method (as the script does).
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I know we should be able to do it but I am not scripting knowledgeable.
I was hoping for specifics for a noob.
-Thanks
Steve
Try something like this.
It will first prompt for the root password of the ESX(i) servers.
Then the name of the account, followed by the 2 times the new password
# # This script changes the password of an account on all ESX hosts in the esxservers.txt textfile
# # Add VI-toolkit
#
Add-PSsnapin VMware.VimAutomation.Core
Initialize-VIToolkitEnvironment.ps1 # Get root password
$rootPassword = Read-Host "Enter root password" -AsSecureString
$rootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$rootPassword # Get account to change
$account = Read-Host "Enter account"
# Get new account credential
$newaccountPassword = Read-Host "Enter new password" -AsSecureString
$newaccountCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist $account,$newaccountPassword
$newaccountPassword2 = Read-Host "Retype new password" -AsSecureString
$newaccountCredential2 = new-object -typename System.Management.Automation.PSCredential -argumentlist $account,$newaccountPassword2
$WarningPreference = "SilentlyContinue" # Compare passwords
If ($newaccountCredential.GetNetworkCredential().Password -ceq $newaccountCredential2.GetNetworkCredential().Password) { # Create new root account object
$accountSpec = New-Object VMware.Vim.HostPosixAccountSpec
$accountSpec.id = $account
$accountSpec.password = $newaccountCredential.GetNetworkCredential().Password $accountSpec.shellAccess = "/bin/bash" # Get list of Host servers from textfile to change account password on
Get-Content esxservers.txt | %{ Connect-VIServer $_ -User root -Password $rootCredential.GetNetworkCredential().Password -ErrorAction SilentlyContinue -ErrorVariable ConnectError | Out-Null
If ($ConnectError -ne $Null) { Write-Host "ERROR: Failed to connect to ESX server:" $_
} Else { $si = Get-View ServiceInstance
$acctMgr = Get-View -Id $si.content.accountManager $acctMgr.UpdateUser($accountSpec) Write-Host "$account password successfully changed on" $_
Disconnect-VIServer -Confirm:$False | Out-Null
} } } Else { Write-Host "ERROR: New $account passwords do not match. Exiting..."
}
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
My mistake, there was a typo in the script.
I just corrected it, please try again.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
That did the trick.
Thank you very much
-Steve
keep getting this error:
Get-View : Cannot validate argument on parameter 'Id'. The argument is null or empty. Supply an argument tha
t is not null or empty and then try the command again.
At C:\Users\abcd\AppData\Local\Temp\3\166aa7dd-60b2-4d0a-b9cb-90e1ba711d68.ps1:33 char:27
+ $acctMgr = Get-View -Id <<<< $si.content.accountManager
+ CategoryInfo : InvalidData: (:) [Get-View], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,VMware.VimAutomation.ViCore.Cmdlets.Commands
.DotNetInterop.GetVIView
using powercli 5.0
what could be the problem. any help appreciated. thanks.