Need script to change admin password for all VMs(windows)
Hi LucD,
Need your help on changing the root password for Linux VM.
It throws the following error when i run on Linux VM
| Invoke-VMScript : 04/10/2013 4:52:02 PM | Invoke-VMScript | Failed to authenticate with the guest operating system using the supplied credentials. |
Thanks
Suresh
One way of doing this is with the Invoke-VMScript cmdlet.
I assume that you have all the VMs where you need to change the administrator password in the variable $vms.
I also assume that your account has admin authority on all the guest OS.
Then you could do something like this
$script = @"
$localadministrator=[adsi]("WinNT://./administrator, user")
$localadministrator.psbase.invoke("SetPassword", "your-new-password")
"@
foreach($vm in $vms){
Invoke-VMScript -ScriptText $script -VM $vm
}
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Hi LucD,
Need your help on changing the root password for Linux VM.
It throws the following error when i run on Linux VM
| Invoke-VMScript : 04/10/2013 4:52:02 PM | Invoke-VMScript | Failed to authenticate with the guest operating system using the supplied credentials. |
Thanks
Suresh
Did you use an account on the GuestUser/GuestPassword parameters, that has the required permissions inside the guest OS ?
The error message seems to indicate you didn't.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Yes, I did use GuestUser GuestPassword parameters in the script.
It works for non-root accounts.
script text
echo 'newpassword' | passwd --stdin root
I'm not sure which Linux distribution you are using, but can you have a look at /var/adm/messages
It might contain a pointer to the cause of the problem.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I am using redhat 6.
as suggested, I will check /var/logmessages to get some clue on the issue and get back to you
Hi,
This is what i see under /var/log/secure
Oct 7 14:39:51 nocrhevm01 vmtoolsd: PAM unable to dlopen(/lib64/security/pam_unix2.so): /lib64/security/pam_unix2.so: cannot open shared object file: No such file or directory
Oct 7 14:39:51 nocrhevm01 vmtoolsd: PAM adding faulty module: /lib64/security/pam_unix2.so
Oct 7 14:39:51 nocrhevm01 vmtoolsd: PAM unable to dlopen(/lib64/security/pam_unix2.so): /lib64/security/pam_unix2.so: cannot open shared object file: No such file or directory
Oct 7 14:39:51 nocrhevm01 vmtoolsd: PAM adding faulty module: /lib64/security/pam_unix2.so
Oct 7 14:39:51 nocrhevm01 passwd: pam_unix(passwd:chauthtok): password changed for root
Oct 7 14:39:51 nocrhevm01 vmtoolsd: PAM unable to dlopen(/lib64/security/pam_unix2.so): /lib64/security/pam_unix2.so: cannot open shared object file: No such file or directory
Oct 7 14:39:51 nocrhevm01 vmtoolsd: PAM adding faulty module: /lib64/security/pam_unix2.so
Oct 7 14:39:51 nocrhevm01 vmtoolsd: pam_unix(vmtoolsd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=root
Oct 7 14:39:53 nocrhevm01 vmtoolsd: PAM 1 more authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=root
Oct 7 14:39:53 nocrhevm01 vmtoolsd: PAM unable to dlopen(/lib64/security/pam_unix2.so): /lib64/security/pam_unix2.so: cannot open shared object file: No such file or directory
Oct 7 14:39:53 nocrhevm01 vmtoolsd: PAM adding faulty module: /lib64/security/pam_unix2.so
Oct 7 14:39:53 nocrhevm01 vmtoolsd: pam_unix(vmtoolsd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=root
Oct 7 14:39:56 nocrhevm01 vmtoolsd: PAM 1 more authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=root
and below is my script
Function Update-WindowsVM{
param($virtualmachine)
$vm = Get-VM NOCRHEVM01
$os = (Get-VM $vm | Get-View).Summary.Config.GuestFullName
$toolsStatus = (Get-VM $vm | Get-View).Guest.ToolsStatus
if($vm.powerstate -eq "PoweredOn"){
if($toolsStatus -eq "toolsOk"){
# Determining Windows
if($os -match 'Windows'){
Write-Host "Windows guest found" -fore Green
$update = "ipconfig"
}
elseif($os -match 'Linux'){
Write-Host "Linux guest found" -fore Blue
$update = "echo 'Password123' | passwd root --stdin"
}
else{Write-Host "could not identify guest OS" -fore Red}
# Update command
Write-Host "Running $update command" -fore Yellow
Invoke-VMScript -VM $vm -ScriptText $update -GuestUser root -GuestPassword oldpassword123 -scripttype bash
}
else{Write-Host $vm "VMware Tools are out off date or not running" -fore Red }
}
else{Write-Host $vm "is not running" -fore Red }
}
Update-WindowsVM
The log seems to say that the password was changed. Was it ?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Hello.I don't know why but when i try to Invoke-VMScript the previous script(in order to change a windows machine admin password) i get
Any ideas why?
Thanks!
Is that VM joined to an Active Directory domain ?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
No it isn't.But the fact is that if i open powershell in the vm and run the powershell it works correctly...
Anyway i have found another way to change the password but it would be nice to know why...
Thanks!
PS:Actually i need this method because the other method that i have found didn't work.
I finally managed to run it like this
$script = '$admin = [adsi]("WinNT://./administrator, user");$admin.psbase.invoke("SetPassword", "lala");'
Invoke-VMScript -ScriptText $script -VM "cs1 - 123456 (tas.gdfg.com)" -guestuser administrator -guestpassword "foo"
My final and only question is "can i somehow disable the password policy?" so i can enter "123" as a valid password.
Thanks!
Start gpedit.msc, then go to Computer Configuration > Windows Settings > Security Settings > Account Policies > Password Policy.
In there you change the password requirements
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I was thinking programmatically but it's ok.My work is done.Thanks ![]()
or use the following script:
Get-Content servers.txt | Foreach-Object{
$Server = $_
try {
$admin = [adsi]"WinNT://$_/Administrator,user"
$admin.Invoke('SetPassword','N3WP@ssw0rd')
$admin.SetInfo()
Write-Host "Admin password successfully reset on $server"
}
catch {
Write-Error "Error: cannot reset admin password on $server"
}
}
hope that helps.
