Automation

 View Only
  • 1.  Bulk Change Root Password

    Posted Sep 08, 2010 11:53 AM

    Hi Guy's,

    I am trying to run the following script on vSphere 4.0 but it keeps crashing saying:

    " Cannot validate argument on parameter 'Id'. The argument is null or empty. Supply an argument that is not null or empty and then try the command again. At :line:37 char:26 + $acctMgr = Get-View -Id <<<< $si.content.accountmanager"

    The Script: *Taken from http://www.van-lieshout.com/2009/02/bulk-change-your-esx-root-password/

    #

    1. This script changes the root password on all ESX hosts in the esxservers.txt textfile

    #

    1. Add VI-toolkit #

    #Add-PSsnapin VMware.VimAutomation.Core

    #Initialize-VIToolkitEnvironment.ps1

    1. Get old root credential

    $oldrootPassword = Read-Host "Enter old root password" -AsSecureString

    $oldrootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$oldrootPassword

    1. Get new root credential

    $newrootPassword = Read-Host "Enter new root password" -AsSecureString

    $newrootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$newrootPassword

    $newrootPassword2 = Read-Host "Retype new root password" -AsSecureString

    $newrootCredential2 = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$newrootPassword2

    1. Compare passwords

    If ($newrootCredential.GetNetworkCredential().Password -ceq $newrootCredential2.GetNetworkCredential().Password) {

    1. Create new root account object

    $rootaccount = New-Object VMware.Vim.HostPosixAccountSpec

    $rootaccount.id = "root"

    $rootaccount.password = $newrootCredential.GetNetworkCredential().Password

    $rootaccount.shellAccess = "/bin/bash"

    1. Get list of Host servers from textfile to change root password on

    Get-Content esxservers.txt | %{

    Connect-VIServer $_ -User root -Password $oldrootCredential.GetNetworkCredential().Password -ErrorAction SilentlyContinue -ErrorVariable ConnectError | Out-Null

    If ($ConnectError -ne $Null) {

    Write-Host "ERROR: Failed to connect to ESX server:" $_

    }

    Else {

    $si = Get-View ServiceInstance

    $acctMgr = Get-View -Id $si.content.accountmanager

    $acctMgr.UpdateUser($rootaccount)

    Write-Host "Root password successfully changed on" $_

    Disconnect-VIServer -Confirm:$False | Out-Null

    }

    }

    }

    Else {

    Write-Host "ERROR: New root passwords do not match. Exiting..."

    }

    My Powershell skills are still very basic but in progress none the less :smileyblush: .

    Would anybody be able to explain why this is crashing and how i can resolve it?

    Many Thanks in advance



  • 2.  RE: Bulk Change Root Password

    Broadcom Employee
    Posted Sep 08, 2010 12:02 PM

    Hi,

    The HostLocalAccountManager object exists only when connected directly to ESX(i) server and may be this is the reason for the error.

    Can you check that esxservers.txt contains only names of the ESX hosts but not vCenter servers?

    Regards,

    Yasen Kalchev

    PowerCLI Dev Team



  • 3.  RE: Bulk Change Root Password

    Posted Sep 08, 2010 12:19 PM

    I can confirm it only contains a list of three vSphere servers in FQDN format.



  • 4.  RE: Bulk Change Root Password

    Broadcom Employee
    Posted Sep 08, 2010 12:30 PM

    Do you have enough permissions to do this operations? I think the required privilege is Host.Local.ManageUserGroups.

    BTW the script can be simplified just using Get-VMHostAccount & Set-VMHostAccount cmdltes.They also provide esx connection validation for you.

    $oldrootPassword = Read-Host “Enter old root password” -AsSecureString
    $oldrootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist “root”,$oldrootPassword
    
    # Get new root credential
    $newrootPassword = Read-Host “Enter new root password” -AsSecureString
    $newrootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist “root”,$newrootPassword
    $newrootPassword2 = Read-Host “Retype new root password” -AsSecureString
    $newrootCredential2 = new-object -typename System.Management.Automation.PSCredential -argumentlist “root”,$newrootPassword2
    
    # Compare passwords
    If ($newrootCredential.GetNetworkCredential().Password -ceq $newrootCredential2.GetNetworkCredential().Password) {
    
        # Get list of Host servers from textfile to change root password on
        Get-Content esxservers.txt | %{
            Connect-VIServer $_ -User root -Password $oldrootCredential.GetNetworkCredential().Password -ErrorAction SilentlyContinue -ErrorVariable ConnectError | Out-Null
            If ($ConnectError -ne $Null) {
                Write-Host “ERROR: Failed to connect to ESX server:” $_
            } Else {
                Get-VMHostAccount root | Set-VMHostAccount -Password $newrootCredential.GetNetworkCredential().Password
                Write-Host “Root password successfully changed on” $_
                Disconnect-VIServer -Confirm:$False | Out-Null
            }
        }
    } Else {
        Write-Host “ERROR: New root passwords do not match. Exiting…”
    }
    
    

    Regards,

    Yasen Kalchev

    PowerCLI Dev Team



  • 5.  RE: Bulk Change Root Password
    Best Answer

    Posted Sep 08, 2010 12:43 PM

    Very strange but this script is working now and i didn't change anything!?

    All i did was close PowerGui Script Editor then open it again when i got your second reply. Very strange indeed but i guess i got a lot to learn about Powershell still!

    Thanks for your quick replies though!