Home > VMWare > Changing ESX Server root passwords using PowerCli

Changing ESX Server root passwords using PowerCli

It’s that time again where we need to change the passwords on all of of ESX(i) hosts. Of course, when your number of hosts becomes any more than a handful, this can be a rather arduous process.

I had a scratch around some old scripts and found this one :

 


$serverlist = read-host "Please provide the path to your list of ESX hosts"



# Get old root credential
$oldrootPassword = Read-Host "Enter old root password" -AsSecureString
$oldrootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$oldrootPassword

# Get new root credential
$newrootPassword = Read-Host "Enter new root password" -AsSecureString
$newrootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$newrootPassword
$newrootPassword2 = Read-Host "Retype new root password" -AsSecureString
$newrootCredential2 = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$newrootPassword2

# Compare passwords
If ($newrootCredential.GetNetworkCredential().Password -ceq $newrootCredential2.GetNetworkCredential().Password) {

# Create new root account object
$rootaccount = New-Object VMware.Vim.HostPosixAccountSpec
$rootaccount.id = "root"
$rootaccount.password = $newrootCredential.GetNetworkCredential().Password
$rootaccount.shellAccess = "/bin/bash"

# Get list of Host servers from textfile to change root password on
Get-Content $serverlist | %{
Connect-VIServer $_ -User root -Password $oldrootCredential.GetNetworkCredential().Password -ErrorAction SilentlyContinue -ErrorVariable ConnectError | Out-Null
If ($ConnectError -ne $Null) {
Write-Host "ERROR: Failed to connect to ESX server:" $_
}
Else {
$si = Get-View ServiceInstance
$acctMgr = Get-View -Id $si.content.accountManager
$acctMgr.UpdateUser($rootaccount)
Write-Host "Root password successfully changed on" $_
Disconnect-VIServer -Confirm:$False | Out-Null
}
}
}
Else {
Write-Host "ERROR: New root passwords do not match. Exiting..."
}

I can’t remember where I got it from, but I am pretty sure it came off the VMware communities.


Of course, if you really wanted to, you get simply gather the list of ESX hosts from your VC and trawl through those using the same code – the only difference would be that you could delete the following

$serverlist = read-host "Please provide the path to your list of ESX hosts"

and replace

# Get list of Host servers from textfile to change root password on
Get-Content $serverlist | %{

with something like

Get-VMHost | %{$_.name}

Happy days – use at own risk of course!

Categories: VMWare Tags:
  1. No comments yet.
  1. No trackbacks yet.
You must be logged in to post a comment.