I always used carter his function to create users:
function Create-ShellUser {
param($id, $password="", $description=$null, $posixId=$null)
#ON ERROR CONTINUE
$erroractionpreference = "SilentlyContinue"
$si = get-view serviceinstance
$accountManager = get-view $si.Content.AccountManager
$as = new-object VMware.Vim.HostPosixAccountSpec
$as.id = $id
$as.password = $password
$as.description = $description
$as.shellAccess = $true
$as.posixId = $posixId
$accountManager.CreateUser($as)
But i doesn't accept the password to be $null
I also tryed using new-vmhostaccount, but again empty passwords are not permitted.
What to do to create users on esx servers, with empty password, so active directory authentication can work?
I could use plink, but i don't want to do that.
The New-VMHostAccount defines the -Password parameter as "required".
The HostAccountSpec object on the other hand specifies the password property as optional.
Indeed, conflicting requirements.
____________
Blog: LucD notes
Twitter: lucd22
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I will have to dig deeper into the problem.
Rob, just did some tests with the CreateUser method for an ESX server.
It looks as if the method also requires the password property to have a value different from $null or an empty string.
With the useradd command in the COS you can create accounts with no password.
____________
Blog: LucD notes
Twitter: lucd22
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Hi,
The Password field is mark as optional in the API documentation because the HostAccountSpec type is also output object for some API methods and can be null if the user account is created in the console as Luc suggested.
However CreateUser method requires non-empty password, so we've make the parameter required also.
Regards,
Yasen
PowerCLI Dev Team
I will have to change the script so that i will use plink.
I am a little bit dissapointed the API changes every release of vSphere.
I did some more tests, and it looks like that assigning the users a random password at the creation time, we still can use AD authentication.
So i will create a function to generate random passwords.
Found on the internet this great post:
http://dmitrysotnikov.wordpress.com/2007/07/18/generate-random-password-with-powershell/
All our AD users now connect to the ESX servers without a problem.