support Posted August 29, 2016 Share Posted August 29, 2016 Step 1: Ensure you have prerequisites set up for your web server and hosts, as per this forum post (Once off process) Step 2: Add new Password Record configured as follows: Screen 1: Ensure you configure the below 5 options correctly and enter in the password for the account. If you configure an Expiry Date it will automatically change the password when that date is reached. Screen 2: Three are three options on this page to configure: Confirm the Reset Linux Password reset script is selected Determine whether or not to use a Privileged Account and select the appropriate option. If you do not use a Privileged Account, Passwordstate will connect to the host using the account on the Password Details tab (which in this example is marlee), and perform the reset. Otherwise it will connect to the host with the Privileged Account username and password, and then perform the reset for the user account (marlee) Confirm the Password Reset Schedule is enabled if you want the password to automatically change when the Expiry Date occurs Screen 3: Confirm the Validate Password for Linux Account validation script is selected Link to comment Share on other sites More sharing options...
StefanPahrmann Posted April 26, 2018 Share Posted April 26, 2018 I've developed a script, which uses PowerCLI/API (VMwares powershell-modules), instead of SSH. SSH is by default disabled on ESXi-hosts for security-reasons, and I want to keep it that way As mentioned needs PowerCLI installed on the server (Guide can be found here https://blogs.vmware.com/PowerCLI/2017/08/updating-powercli-powershell-gallery.html). No privileged account needed. Function Set-ESXiPassword { [CmdletBinding()] param ( [String]$HostName, [String]$UserName, [String]$OldPassword, [String]$NewPassword ) try{ $conn=Connect-VIServer $HostName -User $UserName -Password $OldPassword } catch { switch -wildcard ($error[0].Exception.ToString().ToLower()) { "*incorrect user*" { Write-Output "Incorrect username or password on host '$HostName'"; break} "*" {write-output $error[0].Exception.ToString().ToLower();break} } } try{ $change=Set-VMHostAccount -UserAccount $UserName -Password $NewPassword Disconnect-Viserver * -confirm:$false } catch { switch -wildcard ($error[0].Exception.ToString().ToLower()) { "*not currently connected*" {Write-Output "It wasn't possible to connect to '$HostName'";break} "*weak password*" { Write-Output "Failed to execute script correctly against Host '$HostName' for the account '$UserName'. It appears the new password did not meet the password complexity requirements on the host."; break } "*" {write-output $error[0].Exception.ToString().ToLower();break} #Add other wildcard matches here as required default { Write-Output "Success" } } } } Set-ESXiPassword -HostName '[HostName]' -UserName '[UserName]' -OldPassword '[OldPassword]' -NewPassword '[NewPassword]' Regards Stefan Sarge and Buckit 2 Link to comment Share on other sites More sharing options...
support Posted April 26, 2018 Author Share Posted April 26, 2018 Awesome - thanks for contributing Stefan With your permission, would you be okay if we also included your script in our product as well? Would you know which versions of ESX this would be compatible with? Regards Click Studios Link to comment Share on other sites More sharing options...
StefanPahrmann Posted April 30, 2018 Share Posted April 30, 2018 Hi, of course you can use it . The cmdlet (Set-VMHostAccount) has been around from at least 5.1. Maybe it needs some further testing, but it seems to work here at our place without problems. Regards Stefan Link to comment Share on other sites More sharing options...
support Posted April 30, 2018 Author Share Posted April 30, 2018 Thanks Stefan - we really appreciate it Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now