Hi Atul
Thank you for this guidance. A colleague found that it's possible to set
the password of a Windows system's 'administrator' account where the
account is set for change-on-first-logon by taking advantage of the
'customization' facility in 'vmware_guest':
- name: "Set a new administrator account password and power on the VM"
community.vmware.vmware_guest:
hostname: "{{ management_vcenter_ip }}"
username: "{{ management_vcenter_user }}"
password: "{{ management_vcenter_password }}"
datacenter: "{{ datacenter }}"
cluster: "{{ cluster }}"
name: "{{ vm_name }}"
state: present
networks:
- name: "{{ vm_network }}"
validate_certs: False
wait_for_customization: true
wait_for_ip_address: true
customization:
password: "{{ vm_password }}"
existing_vm: True
delegate_to: localhost
For setting the password of the 'root' account on a Linux system where the
password was set for change-on-first-login, this logic worked:
- name: "Set root password"
delegate_to: localhost
ansible.builtin.expect:
echo: true
command: "ssh -o UserKnownHostsFile=/dev/null -o
StrictHostKeyChecking=no root@{{ vm_ip }} echo 'Success'"
responses:
"Password: ": "{{ vm_original_password }}"
"Current password: ": "{{ vm_original_password }}"
"New password: ": "{{ vm_password }}"
"Retype new password: ": "{{ vm_password }}"
On Saturday, August 19, 2023 at 2:06:04 PM UTC-4 Atul Nasir wrote:
> The module you're using, community.vmware.vmware_guest, is not designed
> to directly change the password of an existing guest VM. Instead, it's
> intended for tasks like deploying and managing virtual machines. Changing
> the password of an existing guest VM requires interacting with the guest
> OS, which is outside the scope of the vmware_guest module.
> ---
> - name: Change Administrator Password
> hosts: your_windows_vm
> tasks:
> - name: Run PowerShell script to change password
> win_shell: |
> $username = "Administrator"
> $newPassword = "your_new_password"
> $securePassword = ConvertTo-SecureString $newPassword -AsPlainText
> -Force
> Set-LocalUser -Name $username -Password $securePassword
> register: password_change_result
> ignore_errors: yes # Ignore errors since the VM might be rebooted
> after changing password
>
> - name: Display output
> debug:
> var: password_change_result.stdout_lines
>
> On Monday, July 17, 2023 at 6:40:03 AM UTC-7 Terry Lemons wrote:
>
>> Hi
>>
>> I want to use the community.vmware.vmware_guest module to set the
>> 'administrator' password of a deployed Windows VM.
>>
>> My environment:
>>
>> SLES 15 SP5 Docker image
>>
>> python version = 3.11.3
>>
>> Ansible Community Package 8.1.0, which includes:
>>
>> ansible [core 2.15.1]
>>
>> community.vmware 3.7.0
>>
>>
>> Here's my coding of the module:
>>
>> - name: "Set new administrator account password, then power on the VM"
>>
>> community.vmware.vmware_guest:
>>
>> hostname: "{{ management_vcenter_ip }}"
>>
>> username: "{{ management_vcenter_user }}"
>>
>> password: "{{ management_vcenter_password }}"
>>
>> name: "{{ vm_name }}"
>>
>> state: poweredon
>>
>> validate_certs: False
>>
>> wait_for_customization: true
>>
>> customization:
>>
>> password: "{{ vm_password }}"
>>
>> delegate_to: localhost
>>
>>
>>
>> I know that the module is somewhat working correctly, in that the Windows
>> VM is powered on when this code is executed. But the 'administrator'
>> password is not being changed/set.
>>
>> Here is the execution output:
>>
>> TASK [deploy-windowssql : Set new administrator account password, then
>> power on the VM]
>> *****************************************************************************************************
>>
>> task path:
>> /root/ecdm-ansible/ansible/roles/deploy-windowssql/tasks/main.yml:37
>>
>> <localhost> ESTABLISH LOCAL CONNECTION FOR USER: root
>>
>> <localhost> EXEC /bin/sh -c 'echo ~root && sleep 0'
>>
>> <localhost> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo
>> /root/.ansible/tmp `"&& mkdir "` echo
>> /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521 `"
>> && echo ansible-tmp-1689179340.0749025-2228-173707777433521="` echo
>> /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521 `" )
>> && sleep 0'
>>
>> Using module file
>> /root/.local/lib/python3.11/site-packages/ansible_collections/community/vmware/plugins/modules/vmware_guest.py
>>
>> <localhost> PUT /root/.ansible/tmp/ansible-local-2050puzm93uc/tmp8zsqyt_a
>> TO
>> /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521/AnsiballZ_vmware_guest.py
>>
>> <localhost> EXEC /bin/sh -c 'chmod u+x
>> /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521/
>> /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521/AnsiballZ_vmware_guest.py
>>
>> && sleep 0'
>>
>> <localhost> EXEC /bin/sh -c '/usr/bin/python
>> /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521/AnsiballZ_vmware_guest.py
>>
>> && sleep 0'
>>
>> <localhost> EXEC /bin/sh -c 'rm -f -r
>> /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521/ >
>> /dev/null 2>&1 && sleep 0'
>>
>> changed: [ldpdd192.xxx.xxx -> localhost] => {
>>
>> "changed": true,
>>
>> "instance": {
>>
>> "advanced_settings": {
>>
>> "disk.EnableUUID": "TRUE",
>>
>> "ethernet0.pciSlotNumber": "192",
>>
>> "guestInfo.detailed.data": "architecture='X86' bitness='64'
>> buildNumber='20348' distroVersion='Windows' distroAddlVersion='10.0'
>> familyName='Windows' kernelVersion='20348.1726' prettyName='Windows Server
>> 2022, 64-bit (Build 20348.1726)'",
>>
>> "guestinfo.ovfEnv": "",
>>
>> "hpet0.present": "TRUE",
>>
>> "migrate.hostLog": "ldpdd192-4a20f22e.hlog",
>>
>> "migrate.hostLogState": "none",
>>
>> "migrate.migrationId": "5923936046434283652",
>>
>> "monitor.phys_bits_used": "43",
>>
>> "numa.autosize.cookie": "40001",
>>
>> "numa.autosize.vcpu.maxPerVirtualNode": "4",
>>
>> "nvram": "ldpdd192.nvram",
>>
>> "pciBridge0.pciSlotNumber": "17",
>>
>> "pciBridge0.present": "TRUE",
>>
>> "pciBridge4.functions": "8",
>>
>> "pciBridge4.pciSlotNumber": "21",
>>
>> "pciBridge4.present": "TRUE",
>>
>> "pciBridge4.virtualDev": "pcieRootPort",
>>
>> "pciBridge5.functions": "8",
>>
>> "pciBridge5.pciSlotNumber": "22",
>>
>> "pciBridge5.present": "TRUE",
>>
>> "pciBridge5.virtualDev": "pcieRootPort",
>>
>> "pciBridge6.functions": "8",
>>
>> "pciBridge6.pciSlotNumber": "23",
>>
>> "pciBridge6.present": "TRUE",
>>
>> "pciBridge6.virtualDev": "pcieRootPort",
>>
>> "pciBridge7.functions": "8",
>>
>> "pciBridge7.pciSlotNumber": "24",
>>
>> "pciBridge7.present": "TRUE",
>>
>> "pciBridge7.virtualDev": "pcieRootPort",
>>
>> "sched.swap.derivedName":
>> "/vmfs/volumes/5ea09c34-9c2c5469-e8f8-1866dafabeba/ldpdd192/ldpdd192-cc9a4b50.vswp",
>>
>> "scsi0.pciSlotNumber": "160",
>>
>> "scsi0.sasWWID": "50 05 05 62 de e1 b9 20",
>>
>> "scsi0:0.redo": "",
>>
>> "scsi1.pciSlotNumber": "224",
>>
>> "scsi1.sasWWID": "50 05 05 62 de e1 b8 20",
>>
>> "softPowerOff": "FALSE",
>>
>> "svga.guestBackedPrimaryAware": "TRUE",
>>
>> "svga.present": "TRUE",
>>
>> "viv.moid":
>> "8764ba7d-9522-4857-825a-47e74fc5fc94:vm-19798:HeJ1jJrEyPdgB+iQU1Un7tqEDwpEUgYLRmMVZdar5TE=",
>>
>> "vm.genid": "6628295188012277178",
>>
>> "vm.genidX": "-8723771621121363354",
>>
>> "vmotion.checkpointFBSize": "4194304",
>>
>> "vmotion.checkpointSVGAPrimarySize": "4194304",
>>
>> "vmware.tools.internalversion": "12352",
>>
>> "vmware.tools.requiredversion": "12320"
>>
>> },
>>
>> "annotation": "xxx",
>>
>> "current_snapshot": null,
>>
>> "customvalues": {},
>>
>> "guest_consolidation_needed": false,
>>
>> "guest_question": null,
>>
>> "guest_tools_status": "guestToolsNotRunning",
>>
>> "guest_tools_version": "12352",
>>
>> "hw_cluster": "DpcCluster",
>>
>> "hw_cores_per_socket": 1,
>>
>> "hw_datastores": [
>>
>> "dpc_ride_6"
>>
>> ],
>>
>> "hw_esxi_host": "ldpdc023.xxx.xxx",
>>
>> "hw_eth0": {
>>
>> "addresstype": "assigned",
>>
>> "ipaddresses": null,
>>
>> "label": "Network adapter 1",
>>
>> "macaddress": "00:50:56:87:7d:7b",
>>
>> "macaddress_dash": "00-50-56-87-7d-7b",
>>
>> "portgroup_key": "dvportgroup-1087",
>>
>> "portgroup_portkey": "49",
>>
>> "summary": "DVSwitch: 50 07 d6 62 2a 0e d8 f5-0e d0 df 88 ea
>> d0 31 ce"
>>
>> },
>>
>> "hw_files": [
>>
>> "[dpc_ride_6] ldpdd192/ldpdd192.vmx",
>>
>> "[dpc_ride_6] ldpdd192/ldpdd192.vmxf",
>>
>> "[dpc_ride_6] ldpdd192/ldpdd192.nvram",
>>
>> "[dpc_ride_6] ldpdd192/ldpdd192.vmsd",
>>
>> "[dpc_ride_6] ldpdd192/vmware-3.log",
>>
>> "[dpc_ride_6] ldpdd192/vmware-2.log",
>>
>> "[dpc_ride_6] ldpdd192/vmware-1.log",
>>
>> "[dpc_ride_6] ldpdd192/vmware.log",
>>
>> "[dpc_ride_6] ldpdd192/vmware-4.log",
>>
>> "[dpc_ride_6] ldpdd192/ldpdd192.vmdk"
>>
>> ],
>>
>> "hw_folder": "/xxx/vm",
>>
>> "hw_guest_full_name": null,
>>
>> "hw_guest_ha_state": false,
>>
>> "hw_guest_id": null,
>>
>> "hw_interfaces": [
>>
>> "eth0"
>>
>> ],
>>
>> "hw_is_template": false,
>>
>> "hw_memtotal_mb": 6144,
>>
>> "hw_name": "ldpdd192",
>>
>> "hw_power_status": "poweredOn",
>>
>> "hw_processor_count": 4,
>>
>> "hw_product_uuid": "42070532-dee1-b925-e5c2-5be4873fefda",
>>
>> "hw_version": "vmx-13",
>>
>> "instance_uuid": "5007de96-fe50-cd63-bcf6-4fc3f5ea7494",
>>
>> "ipv4": null,
>>
>> "ipv6": null,
>>
>> "module_hw": true,
>>
>> "moid": "vm-19798",
>>
>> "snapshots": [],
>>
>> "tpm_info": {
>>
>> "provider_id": null,
>>
>> "tpm_present": false
>>
>> },
>>
>> "vimref": "vim.VirtualMachine:vm-19798",
>>
>> "vnc": {}
>>
>> },
>>
>> "invocation": {
>>
>> "module_args": {
>>
>> "advanced_settings": [],
>>
>> "annotation": null,
>>
>> "cdrom": [],
>>
>> "cluster": null,
>>
>> "convert": null,
>>
>> "customization": {
>>
>> "autologon": null,
>>
>> "autologoncount": null,
>>
>> "dns_servers": null,
>>
>> "dns_suffix": null,
>>
>> "domain": null,
>>
>> "domainadmin": null,
>>
>> "domainadminpassword": null,
>>
>> "existing_vm": null,
>>
>> "fullname": null,
>>
>> "hostname": null,
>>
>> "hwclockUTC": null,
>>
>> "joindomain": null,
>>
>> "joinworkgroup": null,
>>
>> "orgname": null,
>>
>> "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
>>
>> "productid": null,
>>
>> "runonce": null,
>>
>> "script_text": null,
>>
>> "timezone": null
>>
>> },
>>
>> "customization_spec": null,
>>
>> "customvalues": [],
>>
>> "datacenter": "ha-datacenter",
>>
>> "datastore": null,
>>
>> "delete_from_inventory": false,
>>
>> "disk": [],
>>
>> "esxi_hostname": null,
>>
>> "folder": null,
>>
>> "force": false,
>>
>> "guest_id": null,
>>
>> "hardware": {
>>
>> "boot_firmware": null,
>>
>> "cpu_limit": null,
>>
>> "cpu_reservation": null,
>>
>> "cpu_shares": null,
>>
>> "cpu_shares_level": null,
>>
>> "hotadd_cpu": null,
>>
>> "hotadd_memory": null,
>>
>> "hotremove_cpu": null,
>>
>> "iommu": null,
>>
>> "max_connections": null,
>>
>> "mem_limit": null,
>>
>> "mem_reservation": null,
>>
>> "mem_shares": null,
>>
>> "mem_shares_level": null,
>>
>> "memory_mb": null,
>>
>> "memory_reservation_lock": null,
>>
>> "nested_virt": null,
>>
>> "num_cpu_cores_per_socket": null,
>>
>> "num_cpus": null,
>>
>> "scsi": null,
>>
>> "secure_boot": null,
>>
>> "version": null,
>>
>> "virt_based_security": null,
>>
>> "vpmc_enabled": null
>>
>> },
>>
>> "hostname": "ldpdc211.xxx.xxx",
>>
>> "is_template": false,
>>
>> "linked_clone": false,
>>
>> "name": "ldpdd192",
>>
>> "name_match": "first",
>>
>> "networks": [],
>>
>> "nvdimm": {
>>
>> "label": null,
>>
>> "size_mb": 1024,
>>
>> "state": null
>>
>> },
>>
>> "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
>>
>> "port": 443,
>>
>> "proxy_host": null,
>>
>> "proxy_port": null,
>>
>> "resource_pool": null,
>>
>> "snapshot_src": null,
>>
>> "state": "poweredon",
>>
>> "state_change_timeout": 0,
>>
>> "template": null,
>>
>> "use_instance_uuid": false,
>>
>> "username": admini...@vsphere.local,
>>
>> "uuid": null,
>>
>> "validate_certs": false,
>>
>> "vapp_properties": [],
>>
>> "wait_for_customization": true,
>>
>> "wait_for_customization_timeout": 3600,
>>
>> "wait_for_ip_address": false,
>>
>> "wait_for_ip_address_timeout": 300
>>
>> }
>>
>> }
>>
>> }
>>
>>
>>
>>
>> I looked in
>> https://github.com/ansible-collections/community.vmware/issues?page=3&q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc+vmware_guest,
>>
>> and didn't see this issue.
>>
>> Thoughts, please.
>>
>> Thanks
>>
>> tl
>>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/35611b94-9258-4304-aaa2-a9da4eaa236fn%40googlegroups.com.
