Hi Atul
Thank you for this guidance. A colleague found that it's possible to set
the password of a Windows system's 'administrator' account where the
account is set for change-on-first-logon by taking advantage of the
'customization' facility in 'vmware_guest':
- name: "Set a new administrator account password and power on the VM"
community.vmware.vmware_guest:
hostname: "{{ management_vcenter_ip }}"
username: "{{ management_vcenter_user }}"
password: "{{ management_vcenter_password }}"
datacenter: "{{ datacenter }}"
cluster: "{{ cluster }}"
name: "{{ vm_name }}"
state: present
networks:
- name: "{{ vm_network }}"
validate_certs: False
wait_for_customization: true
wait_for_ip_address: true
customization:
password: "{{ vm_password }}"
existing_vm: True
delegate_to: localhost
For setting the password of the 'root' account on a Linux system where the
password was set for change-on-first-login, this logic worked:
- name: "Set root password"
delegate_to: localhost
ansible.builtin.expect:
echo: true
command: "ssh -o UserKnownHostsFile=/dev/null -o
StrictHostKeyChecking=no root@{{ vm_ip }} echo 'Success'"
responses:
"Password: ": "{{ vm_original_password }}"
"Current password: ": "{{ vm_original_password }}"
"New password: ": "{{ vm_password }}"
"Retype new password: ": "{{ vm_password }}"
On Saturday, August 19, 2023 at 2:06:04 PM UTC-4 Atul Nasir wrote:
> The module you're using, community.vmware.vmware_guest, is not designed
> to directly change the password of an existing guest VM. Instead, it's
> intended for tasks like deploying and managing virtual machines. Changing
> the password of an existing guest VM requires interacting with the guest
> OS, which is outside the scope of the vmware_guest module.
> ---
> - name: Change Administrator Password
> hosts: your_windows_vm
> tasks:
> - name: Run PowerShell script to change password
> win_shell: |
> $username = "Administrator"
> $newPassword = "your_new_password"
> $securePassword = ConvertTo-SecureString $newPassword -AsPlainText
> -Force
> Set-LocalUser -Name $username -Password $securePassword
> register: password_change_result
> ignore_errors: yes # Ignore errors since the VM might be rebooted
> after changing password
>
> - name: Display output
> debug:
> var: password_change_result.stdout_lines
>
> On Monday, July 17, 2023 at 6:40:03 AM UTC-7 Terry Lemons wrote:
>
>> Hi
>>
>> I want to use the community.vmware.vmware_guest module to set the
>> 'administrator' password of a deployed Windows VM.
>>
>> My environment:
>>
>> SLES 15 SP5 Docker image
>>
>> python version = 3.11.3
>>
>> Ansible Community Package 8.1.0, which includes:
>>
>> ansible [core 2.15.1]
>>
>> community.vmware 3.7.0
>>
>>
>> Here's my coding of the module:
>>
>> - name: "Set new administrator account password, then power on the VM"
>>
>> community.vmware.vmware_guest:
>>
>> hostname: "{{ management_vcenter_ip }}"
>>
>> username: "{{ management_vcenter_user }}"
>>
>> password: "{{ management_vcenter_password }}"
>>
>> name: "{{ vm_name }}"
>>
>> state: poweredon
>>
>> validate_certs: False
>>
>> wait_for_customization: true
>>
>> customization:
>>
>> password: "{{ vm_password }}"
>>
>> delegate_to: localhost
>>
>>
>>
>> I know that the module is somewhat working correctly, in that the Windows
>> VM is powered on when this code is executed. But the 'administrator'
>> password is not being changed/set.
>>
>> Here is the execution output:
>>
>> TASK [deploy-windowssql : Set new administrator account password, then
>> power on the VM]
>> *****************************************************************************************************
>>
>> task path:
>> /root/ecdm-ansible/ansible/roles/deploy-windowssql/tasks/main.yml:37
>>
>> <localhost> ESTABLISH LOCAL CONNECTION FOR USER: root
>>
>> <localhost> EXEC /bin/sh -c 'echo ~root && sleep 0'
>>
>> <localhost> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo
>> /root/.ansible/tmp `"&& mkdir "` echo
>> /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521 `"
>> && echo ansible-tmp-1689179340.0749025-2228-173707777433521="` echo
>> /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521 `" )
>> && sleep 0'
>>
>> Using module file
>> /root/.local/lib/python3.11/site-packages/ansible_collections/community/vmware/plugins/modules/vmware_guest.py
>>
>> <localhost> PUT /root/.ansible/tmp/ansible-local-2050puzm93uc/tmp8zsqyt_a
>> TO
>> /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521/AnsiballZ_vmware_guest.py
>>
>> <localhost> EXEC /bin/sh -c 'chmod u+x
>> /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521/
>> /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521/AnsiballZ_vmware_guest.py
>>
>> && sleep 0'
>>
>> <localhost> EXEC /bin/sh -c '/usr/bin/python
>> /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521/AnsiballZ_vmware_guest.py
>>
>> && sleep 0'
>>
>> <localhost> EXEC /bin/sh -c 'rm -f -r
>> /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521/ >
>> /dev/null 2>&1 && sleep 0'
>>
>> changed: [ldpdd192.xxx.xxx -> localhost] => {
>>
>> "changed": true,
>>
>> "instance": {
>>
>> "advanced_settings": {
>>
>> "disk.EnableUUID": "TRUE",
>>
>> "ethernet0.pciSlotNumber": "192",
>>
>> "guestInfo.detailed.data": "architecture='X86' bitness='64'
>> buildNumber='20348' distroVersion='Windows' distroAddlVersion='10.0'
>> familyName='Windows' kernelVersion='20348.1726' prettyName='Windows Server
>> 2022, 64-bit (Build 20348.1726)'",
>>
>> "guestinfo.ovfEnv": "",
>>
>> "hpet0.present": "TRUE",
>>
>> "migrate.hostLog": "ldpdd192-4a20f22e.hlog",
>>
>> "migrate.hostLogState": "none",
>>
>> "migrate.migrationId": "5923936046434283652",
>>
>> "monitor.phys_bits_used": "43",
>>
>> "numa.autosize.cookie": "40001",
>>
>> "numa.autosize.vcpu.maxPerVirtualNode": "4",
>>
>> "nvram": "ldpdd192.nvram",
>>
>> "pciBridge0.pciSlotNumber": "17",
>>
>> "pciBridge0.present": "TRUE",
>>
>> "pciBridge4.functions": "8",
>>
>> "pciBridge4.pciSlotNumber": "21",
>>
>> "pciBridge4.present": "TRUE",
>>
>> "pciBridge4.virtualDev": "pcieRootPort",
>>
>> "pciBridge5.functions": "8",
>>
>> "pciBridge5.pciSlotNumber": "22",
>>
>> "pciBridge5.present": "TRUE",
>>
>> "pciBridge5.virtualDev": "pcieRootPort",
>>
>> "pciBridge6.functions": "8",
>>
>> "pciBridge6.pciSlotNumber": "23",
>>
>> "pciBridge6.present": "TRUE",
>>
>> "pciBridge6.virtualDev": "pcieRootPort",
>>
>> "pciBridge7.functions": "8",
>>
>> "pciBridge7.pciSlotNumber": "24",
>>
>> "pciBridge7.present": "TRUE",
>>
>> "pciBridge7.virtualDev": "pcieRootPort",
>>
>> "sched.swap.derivedName":
>> "/vmfs/volumes/5ea09c34-9c2c5469-e8f8-1866dafabeba/ldpdd192/ldpdd192-cc9a4b50.vswp",
>>
>> "scsi0.pciSlotNumber": "160",
>>
>> "scsi0.sasWWID": "50 05 05 62 de e1 b9 20",
>>
>> "scsi0:0.redo": "",
>>
>> "scsi1.pciSlotNumber": "224",
>>
>> "scsi1.sasWWID": "50 05 05 62 de e1 b8 20",
>>
>> "softPowerOff": "FALSE",
>>
>> "svga.guestBackedPrimaryAware": "TRUE",
>>
>> "svga.present": "TRUE",
>>
>> "viv.moid":
>> "8764ba7d-9522-4857-825a-47e74fc5fc94:vm-19798:HeJ1jJrEyPdgB+iQU1Un7tqEDwpEUgYLRmMVZdar5TE=",
>>
>> "vm.genid": "6628295188012277178",
>>
>> "vm.genidX": "-8723771621121363354",
>>
>> "vmotion.checkpointFBSize": "4194304",
>>
>> "vmotion.checkpointSVGAPrimarySize": "4194304",
>>
>> "vmware.tools.internalversion": "12352",
>>
>> "vmware.tools.requiredversion": "12320"
>>
>> },
>>
>> "annotation": "xxx",
>>
>> "current_snapshot": null,
>>
>> "customvalues": {},
>>
>> "guest_consolidation_needed": false,
>>
>> "guest_question": null,
>>
>> "guest_tools_status": "guestToolsNotRunning",
>>
>> "guest_tools_version": "12352",
>>
>> "hw_cluster": "DpcCluster",
>>
>> "hw_cores_per_socket": 1,
>>
>> "hw_datastores": [
>>
>> "dpc_ride_6"
>>
>> ],
>>
>> "hw_esxi_host": "ldpdc023.xxx.xxx",
>>
>> "hw_eth0": {
>>
>> "addresstype": "assigned",
>>
>> "ipaddresses": null,
>>
>> "label": "Network adapter 1",
>>
>> "macaddress": "00:50:56:87:7d:7b",
>>
>> "macaddress_dash": "00-50-56-87-7d-7b",
>>
>> "portgroup_key": "dvportgroup-1087",
>>
>> "portgroup_portkey": "49",
>>
>> "summary": "DVSwitch: 50 07 d6 62 2a 0e d8 f5-0e d0 df 88 ea
>> d0 31 ce"
>>
>> },
>>
>> "hw_files": [
>>
>> "[dpc_ride_6] ldpdd192/ldpdd192.vmx",
>>
>> "[dpc_ride_6] ldpdd192/ldpdd192.vmxf",
>>
>> "[dpc_ride_6] ldpdd192/ldpdd192.nvram",
>>
>> "[dpc_ride_6] ldpdd192/ldpdd192.vmsd",
>>
>> "[dpc_ride_6] ldpdd192/vmware-3.log",
>>
>> "[dpc_ride_6] ldpdd192/vmware-2.log",
>>
>> "[dpc_ride_6] ldpdd192/vmware-1.log",
>>
>> "[dpc_ride_6] ldpdd192/vmware.log",
>>
>> "[dpc_ride_6] ldpdd192/vmware-4.log",
>>
>> "[dpc_ride_6] ldpdd192/ldpdd192.vmdk"
>>
>> ],
>>
>> "hw_folder": "/xxx/vm",
>>
>> "hw_guest_full_name": null,
>>
>> "hw_guest_ha_state": false,
>>
>> "hw_guest_id": null,
>>
>> "hw_interfaces": [
>>
>> "eth0"
>>
>> ],
>>
>> "hw_is_template": false,
>>
>> "hw_memtotal_mb": 6144,
>>
>> "hw_name": "ldpdd192",
>>
>> "hw_power_status": "poweredOn",
>>
>> "hw_processor_count": 4,
>>
>> "hw_product_uuid": "42070532-dee1-b925-e5c2-5be4873fefda",
>>
>> "hw_version": "vmx-13",
>>
>> "instance_uuid": "5007de96-fe50-cd63-bcf6-4fc3f5ea7494",
>>
>> "ipv4": null,
>>
>> "ipv6": null,
>>
>> "module_hw": true,
>>
>> "moid": "vm-19798",
>>
>> "snapshots": [],
>>
>> "tpm_info": {
>>
>> "provider_id": null,
>>
>> "tpm_present": false
>>
>> },
>>
>> "vimref": "vim.VirtualMachine:vm-19798",
>>
>> "vnc": {}
>>
>> },
>>
>> "invocation": {
>>
>> "module_args": {
>>
>> "advanced_settings": [],
>>
>> "annotation": null,
>>
>> "cdrom": [],
>>
>> "cluster": null,
>>
>> "convert": null,
>>
>> "customization": {
>>
>> "autologon": null,
>>
>> "autologoncount": null,
>>
>> "dns_servers": null,
>>
>> "dns_suffix": null,
>>
>> "domain": null,
>>
>> "domainadmin": null,
>>
>> "domainadminpassword": null,
>>
>> "existing_vm": null,
>>
>> "fullname": null,
>>
>> "hostname": null,
>>
>> "hwclockUTC": null,
>>
>> "joindomain": null,
>>
>> "joinworkgroup": null,
>>
>> "orgname": null,
>>
>> "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
>>
>> "productid": null,
>>
>> "runonce": null,
>>
>> "script_text": null,
>>
>> "timezone": null
>>
>> },
>>
>> "customization_spec": null,
>>
>> "customvalues": [],
>>
>> "datacenter": "ha-datacenter",
>>
>> "datastore": null,
>>
>> "delete_from_inventory": false,
>>
>> "disk": [],
>>
>> "esxi_hostname": null,
>>
>> "folder": null,
>>
>> "force": false,
>>
>> "guest_id": null,
>>
>> "hardware": {
>>
>> "boot_firmware": null,
>>
>> "cpu_limit": null,
>>
>> "cpu_reservation": null,
>>
>> "cpu_shares": null,
>>
>> "cpu_shares_level": null,
>>
>> "hotadd_cpu": null,
>>
>> "hotadd_memory": null,
>>
>> "hotremove_cpu": null,
>>
>> "iommu": null,
>>
>> "max_connections": null,
>>
>> "mem_limit": null,
>>
>> "mem_reservation": null,
>>
>> "mem_shares": null,
>>
>> "mem_shares_level": null,
>>
>> "memory_mb": null,
>>
>> "memory_reservation_lock": null,
>>
>> "nested_virt": null,
>>
>> "num_cpu_cores_per_socket": null,
>>
>> "num_cpus": null,
>>
>> "scsi": null,
>>
>> "secure_boot": null,
>>
>> "version": null,
>>
>> "virt_based_security": null,
>>
>> "vpmc_enabled": null
>>
>> },
>>
>> "hostname": "ldpdc211.xxx.xxx",
>>
>> "is_template": false,
>>
>> "linked_clone": false,
>>
>> "name": "ldpdd192",
>>
>> "name_match": "first",
>>
>> "networks": [],
>>
>> "nvdimm": {
>>
>> "label": null,
>>
>> "size_mb": 1024,
>>
>> "state": null
>>
>> },
>>
>> "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
>>
>> "port": 443,
>>
>> "proxy_host": null,
>>
>> "proxy_port": null,
>>
>> "resource_pool": null,
>>
>> "snapshot_src": null,
>>
>> "state": "poweredon",
>>
>> "state_change_timeout": 0,
>>
>> "template": null,
>>
>> "use_instance_uuid": false,
>>
>> "username": [email protected],
>>
>> "uuid": null,
>>
>> "validate_certs": false,
>>
>> "vapp_properties": [],
>>
>> "wait_for_customization": true,
>>
>> "wait_for_customization_timeout": 3600,
>>
>> "wait_for_ip_address": false,
>>
>> "wait_for_ip_address_timeout": 300
>>
>> }
>>
>> }
>>
>> }
>>
>>
>>
>>
>> I looked in
>> https://github.com/ansible-collections/community.vmware/issues?page=3&q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc+vmware_guest,
>>
>> and didn't see this issue.
>>
>> Thoughts, please.
>>
>> Thanks
>>
>> tl
>>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/35611b94-9258-4304-aaa2-a9da4eaa236fn%40googlegroups.com.
