VMware Cloud Community
AlbertWT
Virtuoso
Virtuoso
Jump to solution

How to check ESXi root password for all VMhost in the VCenter ?

hi,

Can anyone please share he way or any script to check the VMware root credentials ?

rather than trying to login to each VMhost ESX(i) with vsphere client is too much of a work 

/* Please feel free to provide any comments or input you may have. */
Tags (1)
1 Solution

Accepted Solutions
mattandes
Enthusiast
Enthusiast
Jump to solution

The reason the script that LucD provided isn't working is because you need to change $_ to $esx (shown below). You use the $_ when your piping output from one command to another. Since we're using we're using a Foreach loop we access the individual items of the Get-VMHost command through the defined variable (the $esx in the 3rd line)

Connect-VIServer -Server $esx -User $user -Password $pswd -ErrorAction Stop | Out-Null

Blog: http://www.virtual-matt.net

View solution in original post

9 Replies
LucD
Leadership
Leadership
Jump to solution

Try something like this

$user = "root"
$pswd = "lala"
foreach($esx in Get-VMHost){
   
try {
       
Connect-VIServer -Server $esx -User $user -Password $pswd -ErrorAction Stop | Out-Null
    }
   
catch{
       
"Logon failed on $($esx.Name)"
    }
}


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

AlbertWT
Virtuoso
Virtuoso
Jump to solution

Thanks for the reply Luc,

However if it is just one line connect to the ESX host it works, somehow it doesn't work in the loop ?

Initially I have logged on to the VCenter server and then execute the script that you created but it is all returning failed, the credentials has always been right when I check manually.

/* Please feel free to provide any comments or input you may have. */
Reply
0 Kudos
mattandes
Enthusiast
Enthusiast
Jump to solution

The reason the script that LucD provided isn't working is because you need to change $_ to $esx (shown below). You use the $_ when your piping output from one command to another. Since we're using we're using a Foreach loop we access the individual items of the Get-VMHost command through the defined variable (the $esx in the 3rd line)

Connect-VIServer -Server $esx -User $user -Password $pswd -ErrorAction Stop | Out-Null

Blog: http://www.virtual-matt.net
AlbertWT
Virtuoso
Virtuoso
Jump to solution

thanks man it works now 🙂

/* Please feel free to provide any comments or input you may have. */
Reply
0 Kudos
LucD
Leadership
Leadership
Jump to solution

I corrected the code


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
jasmeetsinghsur
Enthusiast
Enthusiast
Jump to solution

Our ESXi hosts recently got locked out. Is there any powercli to know the current status of ROOT account if its locked or failed logon attempts.

Reply
0 Kudos
LucD
Leadership
Leadership
Jump to solution

You can query the events (provided you keep them for sufficiently long).

The event should say when it happened and for how long the account will be locked.

$esxName = 'MyEsx'

Get-VIEvent -Entity $esx -Start (Get-Date).AddMinutes(-15) -MaxSamples ([int]::MaxValue) |

where{$_ -is [VMware.Vim.EventEx] -and $_.EventTypeId -eq 'esx.audit.account.locked'}


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
vmk2014
Expert
Expert
Jump to solution

LucD,

If i want to validate the root password for 140 standalone hosts, then in that case the below script will work ?

Thanks

V

Reply
0 Kudos
LucD
Leadership
Leadership
Jump to solution

You will need to have a list with the FQDN of the ESXi nodes and the root credentials to try.

Then a Connect-VIServer to the ESXi node with those credentials in a try-catch construct should do the trick.

It would be more like the script in Re: Validate ESXi root password against multiple passwords

With the exception that you would only test against 1 root credential


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference