I have a need to have or Desktop Support team occasionally reboot VM's when they become unstable. They don't have access to vCenter and are not allowed access to vCenter, so I would like to create a script that would prompt them for the name of the server that needs to be rebooted and then use the credentials from a service account that needs to be encrypted to reboot the server.
Thanks
That sounds more like a standard PowerShell script, no PowerCLI involved.
Something like this
$confirm = Read-Host -Prompt "Are you sure you want to reboot $target (y/n)"
if($confirm -eq 'y'){
Restart-Computer -ComputerName $target -Confirm:$false
}
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
The VM's are in a domain that the Help Desk staff don't have access to, this why I was hoping to do this through vCenter using a service account that has restart permissions.
Are you using Horizon for the desktops?
No these are Citrix XenApp servers that are using a legacy app that occasionally have hung user sessions and need to be restarted.
I thought you said the Helpdesk doesn't have access to vCenter?
With a PowerCLI based solution, they will at least have to make a connection to the vCenter, albeit with an account with restricted privileges.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
You can take LucD script and convert is like this
$target = Read-Host -Prompt "Name of machine to reboot"
$confirm = Read-Host -Prompt "Are you sure you want to reboot $target (y/n)"
if($confirm -eq 'y'){
Connect-VIServer vcenter-name
Get-VM -Name $target | Restart-VMGuest -Confirm:$false
}
This will ask for a user name and password for vcenter where you can enter a service account. This still requires access to vcenter though, I'm not aware of a way to allow powercli but not access to the client.
I have a service account that can be used for this. I just didn't want to give the Help Desk staff the credentials, I wanted to put the credentials in the script in an encrypted state.
Which encryption do you envisage?
If these are workstations and you don't have a Security DB or App, you will be limited to using DPAPI on Windows.
That is
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference