The password is causing this.
Could it be that your password is violating the complexity rules?
What is in Security.PasswordQualityControl?
Get-AdvancedSetting -Entity MyEsx -Name 'Security.PasswordQualityControl' |
Select -ExpandProperty Value
This for example works for me
$esxcli = Get-EsxCli -VMHost MyEsx -V2
$sAccount = $esxcli.system.account.add.CreateArgs()
$sAccount.Item('description') = 'Test account'
$sAccount.Item('password') = 'BlackFriday17!'
$sAccount.Item('passwordconfirmation') = 'BlackFriday17!'
$sAccount.Item('id') = 'a_guard'
I hope, on top of this you have mentioned $esxcli = Get-EsxCli -VMHost 'YourHostFQDN'
Hi Luc, its a fresh install of ESXi 6.5update1 but what is more strange it works when using New-VMHostAccount
Get-Advancedsetting -Entity $esxiserver -Name 'Security.PasswordQualityControl' | Select -ExpandProperty Value
I would really like to set this via esxcli, do you think i could modify 'Security.PasswordQualityControl' to allow this then set it back to default.?
I know the account works with this password because it been set in the environment previously i believe it was created using host profiles, plus i can get it to work with New-VMHostAccount
That is the default password complexity rule, so, yes, your selected password should work.
Might be a flaw in Get-Esxcli.
Did you, to confirm my assumption, try the same through the esxcli command from a SSH session?
From SSH i get this.. maybe a bug
[root@o-n01:~] esxcli system acoount
Error: Unknown command or namespace system acoount
Just did some further tests, looks indeed like it is a Get-EsxCli "feature". W
With the esxcli command it works.
Looks like Get-EsxCli has an issue with the ampersand (&) in the password.
Congrats, you found a bug
esxcli system account add -i test2 -p '@`[tNI\xUh7#&by\' -c '@`[tNI\xUh7#&by\'
and that works.
Update: you have a typo in account
Thnaks luc, can you think of any workaround other than change the password, unfortunately this password is mature in the environment so can't easily be changed and i was hoping to automate it.
I might put it in the auto deploy host profile that might work