PowerCLI

 View Only
  • 1.  Resetting Local Windows Admin Password

    Posted May 04, 2023 04:15 PM

    Hi Everyone - 

    I need to reset my local admin account password on some VMs, I came across this topic here https://communities.vmware.com/t5/VMware-PowerCLI-Discussions/Need-script-to-change-admin-password-for-all-VMs-windows/td-p/376957

     

    The code seems to be working decent enough, my question is I am authenticating to the VMs with the same account I am resetting the password, so ultimately the password reset appears to work but the script is "failing" with failed to authenticate (Although the password is being reset)

     

    Obviously this is not an ideal situation i was curious what other people are doing or if there is anything I can do better with the script.

     

    $VMNames = @("vmname1")
    $AdminUser = "AdminAccount"

    foreach ($VMName in $VMNames) {
    $VM = Get-VM -Name $VMName
    $Cred = Get-Credential -Message "Enter the current password for $AdminUser on $VMName"

    $ScriptBlock = {
    $localadministrator = [adsi]("WinNT://./adminaccount, user")
    $localadministrator.psbase.invoke("SetPassword", "MyNewPassword")

    Write-Host "Password for $AdminUser has been reset on $($env:COMPUTERNAME)."
    }

    Invoke-VMScript -VM $VM -ScriptType PowerShell -ScriptText $ScriptBlock -GuestCredential $Cred
    }

     

    Thanks in advance



  • 2.  RE: Resetting Local Windows Admin Password

    Posted May 04, 2023 05:02 PM

    I create that script as a Scheduled Task inside the Guest OS.
    That Scheduled Task is to run once and after for example 5 seconds.
    That way the Invoke-VMScript can return without an issue.
    You can test later if the password is effectively changed by doing another dummy Invoke-VMScript with the new password.



  • 3.  RE: Resetting Local Windows Admin Password

    Posted May 04, 2023 05:08 PM

    Hi LucD

    Yeah I think the main issue is the script is not "completing" so I am not able to get any output to track what worked and what did not. 

    On the one VM I did confirm that the password is in fact being changed but pushing this out to scale does not seem feasible.

    I have to think about it a little bit more to see if there is something else that I can try or do.