I had come across the scenario where we need to change ESXi root passwords frequently.. when we have 100+ ESXi hosts in the environment it is not going to be easy., In this post i am going to share two scripts,
#validating root credentials
Connect-VIServer vcsa65
$file = “F:script_outputroot_pwdchk.txt”
New-Item -ItemType File $file -Force
$file = “F:script_outputroot_pwdchk.txt”
New-Item -ItemType File $file -Force
Get-vmhost | %{
Connect-VIServer $_.name -user root -password “xxxxx” -ErrorAction SilentlyContinue -ErrorVariable ConnectError | Out-Null
If ($ConnectError -ne $Null) {
“ERROR: Failed to connect to ESX server:” $_.name | Tee-Object -FilePath $file -Append | Write-Host
}
Else {
“Root password is correct on” $_.name | Tee-Object -FilePath $file -Append | Write-Host
Disconnect-VIServer -Confirm:$False | Out-Null
}
}
#changing root password
Connect-VIServer vcsa65
#Gets a list of hosts to change passwords for
$vimhosts = Get-vmhost
#Starts Error Report recording
$errReport =@()
#Current Hosts Root Password
$rootpswd = ‘xxxx’
#New Root Password
$newpass = ‘xxxxx’
#Starts the process and loops until the last hos
foreach ($vmhost in $vmhosts){
#Connects to each host and also continues on any error to finish the list
Connect-VIServer $singleViserver -User root -Password $rootpswd -ErrorAction SilentlyContinue -ErrorVariable err
$errReport += $err
if($err.Count -eq 0){
#Sets the root password
Set-VMHostAccount -UserAccount root -Password $newpass
}
#Disconnects from each server and suppresses the confirmation
Disconnect-VIServer -Confirm:$False
$errReport += $err
$err = “”
}
#Outputs the error report to a CSV file, if file is empty then no errors.
$errReport | Export-Csv “F:script_outputerrorHosts.csv” -NoTypeInformation
}