VMware Cloud Community
mdittbrenner
Enthusiast
Enthusiast
‎03-24-2015 06:28 PM
Jump to solution

workflow issue

Hey everyone

Have an issue with a workflow and was hoping someone could help. 

I am deploying a windows system which gets added to the domain via a customization script.

I am then running a vco workflow which runs a script locally on the windows box.

If I run it as a non domain admin account the script doesn't run and i get an error in event log

Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

As a result the script data doesn't run and no other customization's take place.

If I run it as a domain admin it works successfully.  Now that is an easy fix, just run as a domain admin, but in the blueprint the domain admin password is clear text.

We have group managers that are not domain admins and should not be able to see a domain admin password.  If they look at the properties they can then see the clear text password.

I was wondering if anyone had the same issue of windows cannot file the local profile issue and if so how were you able to fix it?

1 Solution

Accepted Solutions
zebduin
Enthusiast
Enthusiast
‎03-25-2015 11:51 AM
Jump to solution

When I run scripts in vRealize Orchestrator on the guest VM, I store the passwords as a input attribute in a secure string.  Is there a reason why you need to pass the password in clear text from vRA to vRO?

pastedImage_1.png

A simple example of this is a WF that creates a local user and adds to the local admin group.  I pass the passwd 'addUserPassword' as a variable (secure string) into my command. That command is then executed on the local machine via the Run Program in Guest Workflow.  The same thing can be achieved if using the Guest Script Manager Package.

View solution in original post

0 Kudos
4 Replies
sbeaver
Leadership
Leadership
‎03-24-2015 07:52 PM
Jump to solution

Which version of Windows?

How are you running the script inside the guest?

Steve Beaver
VMware Communities User Moderator
VMware vExpert 2009 - 2020
VMware NSX vExpert - 2019 - 2020
====
Co-Author of "VMware ESX Essentials in the Virtual Data Center"
(ISBN:1420070274) from Auerbach
Come check out my blog: [www.virtualizationpractice.com/blog|http://www.virtualizationpractice.com/blog/]
Come follow me on twitter http://www.twitter.com/sbeaver

**The Cloud is a journey, not a project.**
0 Kudos
mdittbrenner
Enthusiast
Enthusiast
‎03-24-2015 08:10 PM
Jump to solution

Windows 7

using the machine provisioned stub to vco. 

The vco workflow is run script in guest workflow.

That is calling a batch script on the local file system (its calling a few external batch scripts that were existing scripts.  I am just trying to get this fit in until the other external scripts are redone in powershell.

0 Kudos
zebduin
Enthusiast
Enthusiast
‎03-25-2015 11:51 AM
Jump to solution

When I run scripts in vRealize Orchestrator on the guest VM, I store the passwords as a input attribute in a secure string.  Is there a reason why you need to pass the password in clear text from vRA to vRO?

pastedImage_1.png

A simple example of this is a WF that creates a local user and adds to the local admin group.  I pass the passwd 'addUserPassword' as a variable (secure string) into my command. That command is then executed on the local machine via the Run Program in Guest Workflow.  The same thing can be achieved if using the Guest Script Manager Package.

0 Kudos
mdittbrenner
Enthusiast
Enthusiast
‎03-25-2015 11:54 AM
Jump to solution

Nothing other than sheer stupidity on my part.  I realized it earlier today.  Some reason I was going from blueprint instead of in VCO.

SecureString in VCO covered it and now works good.

I had originally tried the Guest Script Manager Package and had some issues with it.  Part of it was probably due to rushing to meet a deadline.

I have actually been working with Reuben on this also.