Solved: How to check ESXi root password for all VMhost in ...

AlbertWT · ‎09-06-2013

hi,

Can anyone please share he way or any script to check the VMware root credentials ?

rather than trying to login to each VMhost ESX(i) with vsphere client is too much of a work

/* Please feel free to provide any comments or input you may have. */

mattandes · ‎09-06-2013

The reason the script that LucD provided isn't working is because you need to change $_ to $esx (shown below). You use the $_ when your piping output from one command to another. Since we're using we're using a Foreach loop we access the individual items of the Get-VMHost command through the defined variable (the $esx in the 3rd line)

Connect-VIServer -Server $esx -User $user -Password $pswd -ErrorAction Stop | Out-Null

Blog: http://www.virtual-matt.net

View solution in original post

LucD · ‎09-06-2013

Try something like this

$user = "root"
$pswd = "lala"
foreach($esx in Get-VMHost){
    try {
        Connect-VIServer -Server $esx -User $user -Password $pswd -ErrorAction Stop | Out-Null
    }
    catch{
        "Logon failed on $($esx.Name)"
    }
}

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

AlbertWT · ‎09-06-2013

Thanks for the reply Luc,

However if it is just one line connect to the ESX host it works, somehow it doesn't work in the loop ?

Initially I have logged on to the VCenter server and then execute the script that you created but it is all returning failed, the credentials has always been right when I check manually.

/* Please feel free to provide any comments or input you may have. */

mattandes · ‎09-06-2013

The reason the script that LucD provided isn't working is because you need to change $_ to $esx (shown below). You use the $_ when your piping output from one command to another. Since we're using we're using a Foreach loop we access the individual items of the Get-VMHost command through the defined variable (the $esx in the 3rd line)

Connect-VIServer -Server $esx -User $user -Password $pswd -ErrorAction Stop | Out-Null

Blog: http://www.virtual-matt.net

AlbertWT · ‎09-06-2013

thanks man it works now 🙂

/* Please feel free to provide any comments or input you may have. */

LucD · ‎09-07-2013

I corrected the code

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

jasmeetsinghsur · ‎05-27-2020

Our ESXi hosts recently got locked out. Is there any powercli to know the current status of ROOT account if its locked or failed logon attempts.

LucD · ‎05-27-2020

You can query the events (provided you keep them for sufficiently long).

The event should say when it happened and for how long the account will be locked.

$esxName = 'MyEsx'

Get-VIEvent -Entity $esx -Start (Get-Date).AddMinutes(-15) -MaxSamples ([int]::MaxValue) |

where{$_ -is [VMware.Vim.EventEx] -and $_.EventTypeId -eq 'esx.audit.account.locked'}

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

vmk2014 · ‎07-01-2020

LucD,

If i want to validate the root password for 140 standalone hosts, then in that case the below script will work ?

Thanks

V

LucD · ‎07-01-2020

You will need to have a list with the FQDN of the ESXi nodes and the root credentials to try.

Then a Connect-VIServer to the ESXi node with those credentials in a try-catch construct should do the trick.

It would be more like the script in Re: Validate ESXi root password against multiple passwords

With the exception that you would only test against 1 root credential

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

All

How to check ESXi root password for all VMhost in the VCenter ?