Ryan Coyle Posted August 21, 2019 Share Posted August 21, 2019 Hi All, Like most environments we have ssh disabled on all esxi hosts as default so the built in Linux password reset and validation scripts wont work. I am trying to add a custom password validation and reset script using powercli and they are working when run them manually on the server but when I try to do a heartbeat or reset the password in the ui they fail. The reset password script is the same as the one in this link https://www.clickstudios.com.au/community/index.php?/topic/1760-vmware-esx-password-reset-example/ and the validation I created from looking at other scripts. Is there anything else I would need to do for these custom scripts to run correctly on passwordstate through the UI? Here is the password validation script. Function Validate-ESXiPassword { [CmdletBinding()] param ( [String]$HostName, [String]$UserName, [String]$Password ) $ErrorActionPreference = "Stop" try{ Connect-VIServer $HostName -User $UserName -Password $Password -ErrorAction Stop Write-Output "Success" Disconnect-VIServer $HostName -Force -Confirm:$false } catch { switch -wildcard ($error[0].Exception.ToString().ToLower()) { "*incorrect user*" { Write-Output "Incorrect username or password on host '$HostName'"; break Disconnect-VIServer $HostName -Force -Confirm:$false } "*" {write-output $error[0].Exception.ToString().ToLower();break} } } } Validate-ESXiPassword -HostName '[HostName]' -UserName '[UserName]' -Password '[Password]' Thanks, Best Regards Ryan Link to comment Share on other sites More sharing options...
support Posted August 22, 2019 Share Posted August 22, 2019 Hi Ryan, Does the UI report back any kind of error when running? If we can get back verbose errors from the script, this might help troubleshoot what the issue is. Regards, Support. Link to comment Share on other sites More sharing options...
Ryan Coyle Posted August 27, 2019 Author Share Posted August 27, 2019 Hi Password State, The UI will return the following errors and the error log for password reset. There aren't any errors in the script when ran. Password Verification UI error A manual Account Heartbeat check failed to validated the password for account root (\Networking\SysEngineer\ServiceAccounts) of Account Type 'VMware ESX' on Host phl-esxi-veeam.marketresourcepartners.com. Error = Incorrect username or password on host 'phl-esxi-veeam.marketresourcepartners.com' Password Reset UI error The Passwordstate Windows Service failed to process the Password Reset Script 'Reset ESXI Password' against Host 'phl-esxi-veeam.marketresourcepartners.com' for the account 'root' (\Networking\SysEngineer\ServiceAccounts). As a result, no changes have been made to this record in Passwordstate. Error = Password Reset log error 8/27/2019 12:42:02 PM - Failed password reset for account root associated with host phl-esxi-veeam.marketresourcepartners.com. Error = 8/27/2019 12:42:02 PM - Started processing of data in the resultsDataTable. 8/27/2019 12:42:03 PM - Add Auditing - Password Reset Failed - The Passwordstate Windows Service failed to process the Password Reset Script 'Reset ESXI Password' against Host 'phl-esxi-veeam.marketresourcepartners.com' for the account 'root' (\Networking\SysEngineer\ServiceAccounts). As a result, no changes have been made to this record in Passwordstate. Error = 8/27/2019 12:42:03 PM - Deleting record from queue. ResetTaskQueueID = 48 8/27/2019 12:42:03 PM - Add Auditing - Password Reset Removed from Queue - The Passwordstate Windows Service removed the account 'ESXI Root' (Password List = \Networking\SysEngineer\ServiceAccounts, UserName = root, Description = Root Access to ESXI) from the Queue as the Process Reset Task is now complete. This account relates to the Host phl-esxi-veeam.marketresourcepartners.com. 8/27/2019 12:42:03 PM - Finished processing of data in the resultsDataTable. Best Regards Ryan Link to comment Share on other sites More sharing options...
support Posted August 28, 2019 Share Posted August 28, 2019 Hi Ryan Thanks for the information, but we're not sure of the cause sorry - it looks like the scripts might not be capturing errors properly. We'll need to find some time to try and develop our own scripts for this, and test in our environments. Hopefully in the meantime someone else in the community has gotten this working for themselves? Regards Click Studios Link to comment Share on other sites More sharing options...
Ryan Coyle Posted August 28, 2019 Author Share Posted August 28, 2019 Hi Click Studios, The reset password script came from another community post It doesn't seem to have been implemented though. When I run the script manually I don't receive any errors. Do you have any examples of custom scripts that are capturing errors properly? Every script runs the function at the end with the parameters like below, I am guessing passwordstate will see '[HostName]' and will pass the hostname to the script or how does that work? Validate-ESXiPassword -HostName '[HostName]' -UserName '[UserName]' -Password '[Password]' Link to comment Share on other sites More sharing options...
support Posted August 28, 2019 Share Posted August 28, 2019 Hi Ryan, Yes, we have documentation for this in our User Manual under the Help Menu - go to the KB Articles section, then Password Resets -> Structure of a Password Reset Script. Or, you could look at any of the default scripts we provide on the screen Administration -> PowerShell Scripts Regards Click Studios Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.