Jump to content

StefanPahrmann

Members
  • Content Count

    39
  • Joined

  • Last visited

  • Days Won

    2

Posts posted by StefanPahrmann


  1. I've developed a script, which uses PowerCLI/API (VMwares powershell-modules), instead of SSH. SSH is by default disabled on ESXi-hosts for security-reasons, and I want to keep it that way :) 

     

    As mentioned needs PowerCLI installed on the server (Guide can be found here https://blogs.vmware.com/PowerCLI/2017/08/updating-powercli-powershell-gallery.html). No privileged account needed.

     

    Function Set-ESXiPassword 
    {
    	[CmdletBinding()]
    	param (
    		[String]$HostName,
    		[String]$UserName,
            		[String]$OldPassword,
    		[String]$NewPassword
    	)	
    	try{
    	    $conn=Connect-VIServer $HostName -User $UserName -Password $OldPassword
    	} catch {
    		switch -wildcard ($error[0].Exception.ToString().ToLower())
    		{
    		"*incorrect user*" { Write-Output "Incorrect username or password on host '$HostName'"; break}
    		"*" {write-output $error[0].Exception.ToString().ToLower();break}
    		}
    	}
    	try{
    	    $change=Set-VMHostAccount -UserAccount $UserName -Password $NewPassword
    	    Disconnect-Viserver * -confirm:$false
    	} catch {
    	
    	  switch -wildcard ($error[0].Exception.ToString().ToLower())
    		{
    			"*not currently connected*" {Write-Output "It wasn't possible to connect to '$HostName'";break}
    			"*weak password*" { Write-Output "Failed to execute script correctly against Host '$HostName' for the account '$UserName'. It appears the new password did not meet the password complexity requirements on the host."; break }
    			"*" {write-output $error[0].Exception.ToString().ToLower();break}
    			#Add other wildcard matches here as required
    			default { Write-Output "Success" }
    		}
    	}
    }
    
    Set-ESXiPassword -HostName '[HostName]' -UserName '[UserName]' -OldPassword '[OldPassword]' -NewPassword '[NewPassword]' 

    Regards

    Stefan


  2. Hi again,

     

    just tried that, same error (see output, I have a screenshot as well). Passwords in lists can be created and passwords can be generated. Any logfiles to look into or some hints on how to debug?

    
    curl -k --request POST https://webserver:9119/api/passwordswordlists -d "PasswordList=ZZZ3-Test" -d "CopyPermissions   FromTemplateID=1" -d "CopySettingsFromTemplateID=1" -d "APIKey=xxxxxxxx"
    
    [{"errors":[{"message":"Invalid API Call"},{"phrase":"Error = Object reference not set to an instance of an object.}]}] 
    
    curl -k --request POST https://webserver:9119/api/passwordswordlists -d "PasswordList=ZZZ3-Test" -d "CopyPermissions   FromTemplateID=1" -d "CopySettingsFromTemplateID=1" -d "APIKey=xxxxxxxx"
    
    [{"errors":[{"message":"Invalid API Call"},{"phrase":"Error = Object reference not set to an instance of an object.}]}] 

    Both PasswordListID and TemplateID do exists. 

     

    -Stefan


  3. Hi, 

     

    When trying to create a passwordlist I get an error (this is just a minimalistic query):

    
    [{"errors":[{"message":"Invalid API Call"},{"phrase":"Error = Object reference not set to an instance of an object.}]}]
    
    

    The error I get is following:

    
    [{"errors":[{"message":"Invalid API Call"},{"phrase":"Error = Object reference not set to an instance of an object.}]}]
    
    

    I tried several options, taken from your documentation, but can't see what I'm missing. Creation of passwords with the same URL (only "password" instead of "passwordlist") works as expected. 

     

    I'm using build 7476.

     

    Regards

    Stefan Pahrmann

     


  4. Hi again, 

     

    I tried the upgrade again, and checked the query (with 0 rows affected) before. I rebooted the server to rule out some "hanging" process. It failed with exactly the same error again. 

     

    Do you want me to open a supportcase or can we continue here in the forum?

     

    -Stefan


  5. The problem with a restore is, that the service was "open" for end users after the failed upgrade and that some passwords probably were updated/newly created. 

     

    Is there a way to tell which passwords are updated/created after e.g. 2 PM yesterday and by whom (eventually by SQL query)? I could either try to contact them or migrate them by myself afterwards manually?

     

    -Stefan


  6. Hi, 

     

    It's a bit tricky to do a restore, since i needed to rollback and a simple replacement of the files did seem to work. I would rather doing that. Is there some other way? Can we do it with the backup from before the upgrade?

     

    It's true I tried to run the upgrade several times, here is the first output:

     

    13-01-2015 13:05:06 - Build 7000 - Step 2 Completed Successfully.

    13-01-2015 13:05:44 - Build Process 'Build_7000_DataUpdates' failed with the following error - Query+timeout+expired ::: +++at+System.Data.OleDb.OleDbCommand.ExecuteReaderInternal(CommandBehavior+behavior%2c+String+method)%0d%0a+++at+System.Data.OleDb.OleDbCommand.ExecuteNonQuery()%0d%0a+++at+Passwordstate.Upgrade.Build_Schema_Data_Updates(String+sqlScript%2c+String+LogFileDetail)

    13-01-2015 13:05:44 - Build Process 'Build_7000_Updates' failed with the following error - Thread+was+being+aborted. ::: +++at+System.Threading.Thread.AbortInternal()%0d%0a+++at+System.Threading.Thread.Abort(Object+stateInfo)%0d%0a+++at+System.Web.HttpResponse.AbortCurrentThread()%0d%0a+++at+Passwordstate.Upgrade.Build_Schema_Data_Updates(String+sqlScript%2c+String+LogFileDetail)%0d%0a+++at+Passwordstate.Upgrade.Build_7000_Updates()

     

    Regards

    Stefan


  7. Hi, 

     

    I'm trying to upgrade from 6.350 to 7.105, but I'm getting an error during step 2: "Thread was being aborted" at Passwordstate.Upgrade.Build_Schema_Data_Updates

     

    Looking into the logfiles I've found this:

     

    13-01-2015 13:19:00 - Build 7000 Upgrade Started.

    13-01-2015 13:19:00 - Build Process 'Build_7000_SchemeUpdates_Part1' failed with the following error - Column+names+in+each+table+must+be+unique.+Column+name+%27FQDN%27+in+table+%27dbo.ADDomains%27+is+specified+more+than+once. ::: +++at+System.Data.OleDb.OleDbCommand.ExecuteReaderInternal(CommandBehavior+behavior%2c+String+method)%0d%0a+++at+System.Data.OleDb.OleDbCommand.ExecuteNonQuery()%0d%0a+++at+Passwordstate.Upgrade.Build_Schema_Data_Updates(String+sqlScript%2c+String+LogFileDetail)

    13-01-2015 13:19:00 - Build Process 'Build_7000_Updates' failed with the following error - Thread+was+being+aborted. ::: +++at+System.Threading.Thread.AbortInternal()%0d%0a+++at+System.Threading.Thread.Abort(Object+stateInfo)%0d%0a+++at+System.Web.HttpResponse.AbortCurrentThread()%0d%0a+++at+Passwordstate.Upgrade.Build_Schema_Data_Updates(String+sqlScript%2c+String+LogFileDetail)%0d%0a+++at+Passwordstate.Upgrade.Build_7000_Updates()

     

    Doing a query select * from dbo.ADDomains gives following:

     

    1 xxxx dc=corp,dc=xxxx,dc=com 1 NULL NULL NULL

     

    With FQDN as the 5th column (NULL)

     

    Can you give some hints, what to do?

     

    Regards

    Stefan


  8. Hi, 

     

    When creating a new username/password with the API with an expirydate, these passwords will not be rotated, even if the password list has set this as default behavior for each new password. When selecting the password, rotating is not enabled (hence not inherited). 

    Creating a new user/password manually through the GUI works as expected though. 

     

    Am I missing something?

     

    Regards

    Stefan


  9. Hi, 

     

    while searching for a password in a group, some users are getting following error:

     

    --------

    Record not found

     

    It appears the database record you were trying does not exists

     

    Debug information

    You were directed to this page  from the function call 'PopulateHiddenFields'

     

    -------

     

    Any hints what to do?

     

    Regards

    Stefan

    post-265-0-98335500-1411455330_thumb.jpg


  10. Hi, 

     

    when deleting a passwordlist, there is a prompt saying: "Are you sure you want to delete the selected Password List". Can "selected" be changed with the actual name of the list? This is to avoid deleting the wrong list (we have to doublecheck every time if the right list is selected). 

     

    Thanks in advance

    Stefan Pahrmann

×