Hello group.
In vRO 7.6 we used configuration element with credential Attribute to use as sysprep admin when deploying Windows server.
Now trying to find out the credential type in the attribute it appear that type ha been deprecated from the API Explorer.
If this is the case, is someone know what replacement it ?
Thank in advance you the answer.
Regards.
Well this is a pain. Seems like VMware broke their own workflow and there's no way to sysprep a windows vm and have it join a domain in version 8?
From what itrudeau said, is the workaround to do something like:
var myVcCustomizationPassword = new VcCustomizationPassword() ;
myVcCustomizationPassword.plainText = true;
myVcCustomizationPassword.value = "mypassword";
and then
identification.domainAdminPassword = myVcCustomizationPassword;
That would mean hard coding a password in plain text though.
Is there a way to feed myVcCustomizationPassword.value with a SecureString (or maybe EncryptedString since it seems a bit more secure to use?)
Interesting. I took a look at my setup and if I run the Clone, Windows Sysprep with Single NIC and credential via the Java client in 7.6, I can enter a user/pass to join a windows vm to the domain. if I try in the web client in 7.6 I can enter some test but there's no way that I can see to enter a password.
Since vRO 8 has no java client and the credential type doesn't work, does that mean the Windows sysprep workflow is now broken and can't be used via web client and we can't even create a hardcoded attribute in version 8 with the info?
Hi,
'Credential' type has never quite worked outside of the old Java client; for example, it was not exposed to REST API so it was not possible to use it in clients that consume REST API like the new Web client or vSphere integration plug-in.
The alternative in vRO 8.x input forms is to use separate input fields of type Text Field (for the user name value) and Password (for the password value).
Existing workflows that use Credential input fields should be modified the same way as above.
Hello Group.
My problem is how i can pass the credential for adding a server into Active directory in the sysprep unattended now ?
I have identified that the source of the workflow is an action call:
getCustomizationIdentificationFromCredential
The exact lines in this action that are no longer compatible are:
function affectParam() {
if (joinWorkgroup == null || joinWorkgroup == "") {
identification.domainAdmin = domainAdmin.username;
identification.domainAdminPassword = VcPlugin.createCustomizationPasswordFromCredentials(domainAdmin, true);
identification.joinDomain = joinDomain;
identification.joinWorkgroup = joinWorkgroup;
}
So it’s a native object (VcPlugin) function (createCustomizationPasswordFromCredentials(Credential, Boolean)
) that is no longer usable.
Creates VcCustomizationPassword from provided Credential.
Parameters:
credentials : Credential -
plainText : Boolean -
Returns:
VcCustomizationPassword
Is there other ways to proceed, other then using this VcPlugin.createCustomizationPasswordFromCredentials ??
Well this is a pain. Seems like VMware broke their own workflow and there's no way to sysprep a windows vm and have it join a domain in version 8?
From what itrudeau said, is the workaround to do something like:
var myVcCustomizationPassword = new VcCustomizationPassword() ;
myVcCustomizationPassword.plainText = true;
myVcCustomizationPassword.value = "mypassword";
and then
identification.domainAdminPassword = myVcCustomizationPassword;
That would mean hard coding a password in plain text though.
Is there a way to feed myVcCustomizationPassword.value with a SecureString (or maybe EncryptedString since it seems a bit more secure to use?)
Hello Aslk5
I have test the code you have suggest and apparently i get the same result:
attribute:
domainAdmin type credential
password = type secureString
var identification = {};
identification.domainAdminPassword = VcPlugin.createCustomizationPasswordFromCredentials(domainAdmin, true);
System.log (identification.domainAdminPassword)
var myVcCustomizationPassword = new VcCustomizationPassword() ;
myVcCustomizationPassword.plainText = true;
myVcCustomizationPassword.value = password;
identification.domainAdminPassword2 = myVcCustomizationPassword;
System.log (identification.domainAdminPassword2)
LOG output:
[2019-11-22 09:25:37.170] [I] DynamicWrapper (Instance) : [VcCustomizationPassword]-[class com.vmware.o11n.plugin.vsphere_gen.Password_Wrapper] -- VALUE : (vim.vm.customization.Password) {
dynamicType = null,
dynamicProperty = null,
value = (not shown),
plainText = true
}
[2019-11-22 09:25:37.177] [I] DynamicWrapper (Instance) : [VcCustomizationPassword]-[class com.vmware.o11n.plugin.vsphere_gen.Password_Wrapper] -- VALUE : (vim.vm.customization.Password) {
dynamicType = null,
dynamicProperty = null,
value = (not shown),
plainText = true
}
This should fix the issue
Thank you very much for your help.
Regards,
That's good news. I would prefer to use an EncryptedString since it can't be output to the console.
iiliev do you know if changing the securestring to encryptedstring would work? Would the plugin handle decoding the value and passing it as plain text to the sysprep workflow even if we can't see it as the console?
I think EncryptedString would not work, but Credential object is still available in the scripting (if I'm not mistaken) so you should be able to instantiate a new Credential object instance using the values from the separate user name / password inputs, and then use the same VcPlugin helper method.
Hi,
Were you able to find a solution for this? Should we duplicate the action (getCustomizationIdentificationFromCredential) and change its code?
HI,
The problem is still there with Orchestrator 8.1.
I find it very strange that VMWare is not able to provide a definitive fix for this wide-spectrum issue.
Do I miss something ?
I have spent about 5 minutes trying to setup an 8.1 vRO instance and already hit this... I guess I can't call it a bug... I don't know how well publicized this was but it never feels like this stuff is. I'm way behind anyway these days as all of our stuff is still in the 7.5 realm. Sigh. 7.5 vRA/vRO to 8.1 is gonna be a lot of work.