Last active
October 5, 2015 15:09
-
-
Save vjason1/e23f818961a04b09959a to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
CLS | |
Echo '' | |
Echo 'Please note this script is hard coded to create new accounts with ESXi root permissions and shell access.' | |
Echo '' | |
Echo 'If an account with the specified user name already exists the password will be updated, and the account granted root permissions and shell access.' | |
Echo '' | |
$vsphere= Read-Host 'Please enter the vCenter Server name that manages the ESXi hosts where you wish to create the new account' | |
$root_passwd= Read-Host 'Please enter the current ESXi root password.' | |
$new_user= Read-Host 'Please enter a name of the new or existing user account' | |
$new_user_passwd= Read-Host 'Please enter a password for the new or existing user account' | |
$root_user = "root" | |
# Get all of the ESXi servers (connect using Windows credentials) | |
connect-viserver -server $vsphere | |
$hosts = get-vmhost | |
disconnect-viserver -confirm:$false | |
# For each ESXi server, connect and see if the new account exists. | |
# If it does, reset the password and ensure the account is granted shell access. | |
$hosts | %{ $_.name } | %{ | |
echo $_ | |
connect-viserver -server $_ -user $root_user -password $root_passwd | |
$rootFolder = Get-Folder -Name ha-folder-root | |
if ($?) { | |
if (! (get-vmhostaccount | ?{ $_.id -eq $new_user })) { | |
new-vmhostaccount -useraccount -id $new_user -password $new_user_passwd -grantshellaccess | |
New-VIPermission -Entity $rootFolder -Principal $new_user -Role admin | |
} | |
else { | |
set-vmhostaccount -useraccount $new_user -password $new_user_passwd -grantshellaccess $true | |
New-VIPermission -Entity $rootFolder -Principal $new_user -Role admin | |
} | |
disconnect-viserver -confirm:$false "*" | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Modified version of a PowerCLI script originally published by jbarber.
Designed to create new VMware ESXi local accounts (or configure existing accounts) with root permissions on all ESXi servers managed by the specified vCenter Server. Assumes all ESXi servers have the same root password; if they don't I have another script to standardize them.
I use this in a lab environment with private VLANs so security isn't a concern. I just wanted some additional accounts so I could standardize my approach to gathering ESXTOP data.