Create a new Local Admin account on several servers 5.5u3b ESXi - errors w / existing Script

I have what should be a fairly simple task, but as with many things in life it has so far proven very evasive. My environment is made up of about 60 guests ESXi (5.5u3b) with 3 Server vCenter (6.0) in front of them. I need to change the ROOT password for all virtual servers, but before I do my boss wants that I create a second account administrator (Root) to make sure my script to change password causes us to free access to the vHosts. That is my problem.

I looked at several articles by different people, including Terrence Luk and William Lam. I have also reviewed several forum posts including https://communities.vmware.com/message/2343138#2343138 and https://communities.vmware.com/thread/470056 who answered almost to my question, but I get an error when using these scripts:

New-VIPermission: 30/03/2016 Group Local New - VIPermission 08:33:59 accounts are not supported for ESX version 5.1

It seems that I can't manage local users on the ESXi with PowerCLI hosts since 5.1... is that correct? Y at - it a new cmdlet PowerCLI which replaced this cmdlet, or y at - it another way for me to reach my goal?

As mentioned, I tried several scripts, all with the same basic components, and all with the same error. However, just to give us a starting point, it comes down to the last script I tested: (I obviously changed the variables)

$accountName = "OMSAITA52".

$accountPswd = "password"

$accountDescription = "Dell OpenManage user '.

$esxlist = Get-VMHost

{foreach ($esx to $esxlist)

SE connect-VIServer -Server $esx -user root -password "password".

$rootFolder = get-file -name ha-folder-root

Try {}

Get-VMHostAccount -Id $accountName -ErrorAction Stop

}

Catch {}

$account = new VMHostAccount -Id $accountName -password $accountPswd -Description $accountDescription UserAccount - GrantShellAccess -

New-VIPermission -entity $rootFolder -main $account -role admin

}

VIServer disconnect -Confirm: $false

}

Right now I'm just connect directly to a single host and manually run the commands in bold to prove the logic is sound, but eventually I would like to run against all virtual servers via vCenter, or a spreadsheet.

Thanks in advance for your help guys, I appreciate it.

If it is literally the exact code in your script, then it will not work.

First, I'll show you what PowerCLI version I use (because maybe it's some weirdness in your version):

(Get-PowerCLIVersion).UserFriendlyVersion
VMware vSphere PowerCLI 6.0 Release 3 build 3205540

Then after that I typed this code exactly as is transcribed here. I happen to have a server named ESX01 in my environment. Please correct hostname of your ESXi. Correct the password too (change the value between the quotation marks):

$node = Connect-VIServer -Server 'esx01' -User root -Password 'P@ssw0rd'
New-VMHostAccount -Id 'Test' -Password 'P@ssw0rd' -Description 'Tester' -GrantShellAccess:$true -Server $node
New-VIPermission -Entity $node.name -Principal 'Test' -Role Admin -Propagate:$true -Server $node

It works flawless in my environment. Check the screenshot:

Tags: VMware

Similar Questions

I created a new administrator user account that has replaced the original one. Now I can not access my old files. What can I do?

Windows XP Professional

I found that will help you solve your problem,
the original instructions have been written by Shenan Stanley

Posts: n/a

Re: Main administrator account appearing not

If you can connect with the new account that you created (which should be an administrator account as well) then go directly to step 2 below.

I suppose that you use the administrator account as your main account (bad
idea anyway) and that means that you probably have Windows XP Professional * and *.
somehow enabled the guest account or create a new account - or
installed some patches that created a new account - as .NET.

I guess also that (since you say "appear") you also use the 'Welcome' screen
opening of session instead of the classic logon.

(1) restart the system. Press CTRL + ALT + DELETE twice on home
screen. Type in "Administrator" (without the quotes) as the username
and do not put in any password and logon. Work?

(2) or follow the instructions below to add the administrator account of
the Welcome screen * or * download/use TweakUI to choose that is visible on
the screen of welcome and even set automatic logon if you want.

How to add a user to the Welcome screen logon page:
------
1. start regedit.exe (start--> RUN--> REGEDIT--> OK)
2. navigate to:
HKEY_LOCAL_MACHINE
NT\CurrentVersion\Winlogon\SpecialAccounts\UserLis t.

3. on the Edit menu, select new, DWORD value.
4. type administrator as the name, and then press ENTER.
5 double-click on the new value it the value 1 and click OK.
6. close the registry editor.

The administrator account will now appear on the Welcome screen. You can use
These same steps to control other accounts listed on the welcome
screen. The value of the registry value to 1 to display an account or account 0 for
hide an account. For example, to hide the user Bob account, add a value
named "Bob" in the registry key identified in step 2, then set the value to 0.

You can do the above with the Microsoft TweakUI PowerToy.
http://www.Microsoft.com/windowsxp/d...PowerToys.mspx
------

Automatic logons:
------
Method of Microsoft:
http://support.Microsoft.com/kb/315231

Method 2 of Microsoft:
TweakUI for:
http://www.Microsoft.com/windowsxp/d...PowerToys.mspx

control userpasswords2 method:
(1) go to the Start Menu and run the box.
(2) type the following:

Control userpasswords2

Now click on OK
(3) in the new Windows that appears select the account you want to make the
opening main session.
Now, uncheck the box "users must enter a user name and password... ».
(4) hit apply and a dialog box will appear asking you to confirm the selected
user password.
Click OK when you have finished...
------

I hope this gets you where you are wanting to be.

It's a * good * thing in the field of the user to:
(1) have strong passwords.
(2) have more than one account to administrator (with strong passwords).

I know - you are the "only one who lives there, the only person who uses your.
computer'... etc. Large. When your House is burgled and computer

stolen (physically or virtually)<- you="" may="" be="" thinking="">
Another thing, like ' all my (the only person who lives here, the only person who).
Use this computer) documents, pictures, e-mails, financial information, updated in cache
Passwords, contacts, etc... are on this computer. »

But it's an individual choice. You get to evaluate risk. =)

Cannot create a new administrator user account

Hi, I have a bit of a dilemma. I have a laptop which has Vista from Microsoft and I wanted to create a new administrator account, but I don't have access to the former administrator account. I know that you can not help me with recovery of lost password for the old account, but is there a way to always create a new administrator account without having to restore my computer?

Hi Chuckter,

Without an administrator account, you will not be able to create a new one.

There are 3rd party software that claims to be able to reset the password on the administrator accounts or create a new account on a boot cd. Search in your favorite search engine 'vista password' should yield interesting results. Please scan of tools that you can download for infections by the virus.

Using third-party software, including hardware drivers can cause serious problems that may prevent your computer from starting properly. Microsoft cannot guarantee that problems resulting from the use of third-party software can be solved. Software using third party is at your own risk...

Brent
Microsoft Answers Support Engineer
Visit our Microsoft answers feedback Forum and let us know what you think.

Create a new vsphere environment 6 and migrate virtual machines to esxi existing 5.1

The current environment has a cluster with 5.1 esxi hosts and vcenter server 5.5-controlled.
I would like to create a new environment vsphere 6 with new hosts. Again I mean a clean install of vCenter server 6 and esxi, implementation of the new cluster, etc.. So I won't be able to migrate virtual machines running in 5.1 esxi hosts to the new environment.
What would be the appropriate steps to make this right?
Thank you.

Take a look at this KB on how to move an ESXi host at another vCenter vSphere: VMware KB: move a managed ESX ESXi host to a vCenter Server to a different Server vCenter

And if you are using vDS, you should look here: KB VMware: ESX/ESXi host with vDS passing a vCenter Server to another

Thunderbird 38.01, when I created a new e-mail account, it does not take account the preferences of archive and records everything in a single folder, although the old accounts work well.

I installed Thunderbird on a system different and migrated with success profile, but earlier today that Gmail wasn't picking up messages correctly, so I ended up using the new feature of Thunderbird. (I'm also spent POP IMAP for Gmail). The newly created has no trouble picking up the messages from the server, but when I try to archive, he pours everything into one folder. My settings call for records of the year and the month. Each account other archive correctly. The newly created is not in a row.

While poking around, I can have answered my own question. Thunderbird was not ignoring the parameters month and year for archiving completely. He was pouring newly archived messages from the Gmail account in a single folder. However, it was also archiving each of them in the old Gmail account archives folder and putting them in the correct subfolders it. It's strange, but it is achievable. I guess that Thunderbird has recognized the same email address used to set up the old account (which wasn't downloading mail more for some reason any) and the new. I changed the folder on the new configuration settings to point to the folder of old archives, and now Thunderbird archives only one copy of each message, as it should.

How to create a new local folder in Thunderbird?

Provide details.

I don't know what you mean by a 'local folder '. But you can select any folder in Thunderbird, right-click and select 'New folder' or 'New subfolder' from the context menu.

Some mail servers may not accept subfolders in some places. I used one for folders defined by the user in his file Inbox and nowhere else.

Local Admins in Windows 7 Professional get access denied error messages

Domain-joined Win 7 PCs have a problem where the things that previously had no need of the elevated permissions are now forcing him. Standard users now get random error "access denied" messages when you perform work that previously had no problem. UAC is disabled. No known doesn't change for computers or objects group policy before and after the question that's happened.

Any thoughts?

Hi Chris,

The question you posted would be better suited in the TechNet Forums. I would recommend posting your query in the link below.

http://social.technet.Microsoft.com/forums/en-us/w7itproinstall/threads

Good day!

Local administrator account and issue of local Group Policy permissions problem.

You have a local administrator account where it was defined

http://img26.imageshack.us/img26/5716/18112010133154.PNG

I think preventing the admin account to remove or install devices. This causes a problem. Looks like it's AD GP as is grayed out and I can't add locally. The network team claim there is no GPs AD to limit the admin account local they know of.

Also, I try to use the process on the machine monitor, but who needs administrator rights and he repeats that the local administrator account is not a member of the Administrators group, but it is.

Any ideas? Even if it's just he Process Monitor bit setting?

And looking at the photo can someone explain which means that icon next to load and unload device drivers. It is different from the others and think that it is linked, may be trying to tell me that it is a strategy of AD Group.

I talked to the networks, they said there is not together AD GP for this. I used the local administrator account to create a new local administrator account and put it in the Administrators group. Connected to it and it also has the same problem.

Any ideas?

The symbol, that you reference indicates that the setting has been locked by group policy and is not editable. When I saw it in the past, the only way I could replace, it is using "secedit". For more information about this command:
Starting-> help and support-> Search: Secedit

"Elephant Gun" approach might also work:

"How to restore the security settings the default settings?
<>http://support.Microsoft.com/kb/313222 >

HTH,
JW

I can't create a new user account (Windows 7): the user profile service service has no logon

I tried to create a new user account, but I get the following error when I try to open a session with him:

the user profile service service has no logon

Until I leave than anything more I will add that I activated the hidden administrator account and this is the account I use to create a new standard user account.

Most of the patches for this issue are due to the fact that delete manually a user account does not remove the registry key that are associated, and you are required to go to the next section of the registry:

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\PROFILELIST

and delete the key associated with the user account to be deleted.

This fix IS NOT help, because whenever I try to create a new user, Windows doesn't bother creating a registry key to the new user. The new user account appears in the account management window. If I right click ondesktop and select Properties, then the settings , select the Advanced tab and click settingsunder USER PROFILES, the new account appears not here no more.

It is a huge problem. I have other people who use this laptop and I don't want to use my login information, or the guest account. I'm not editing the registry just to make a new account.

Please tell me there is a fix for this that works. Windows 7 was not free, and this kind of problem is very frustrating for the premium software.

Thanks - this is the only tip that help me to find the solution to this problem.

Two files in the folder C:\Users\Default\AppData\Local\Microsoft\Windows Live could not be copied without administrator privileges. This caused the connection in the attempt fail for all newly created user accounts. The files are:

C:\Users\Default\AppData\Local\Microsoft\Windows Live\Bici\Bici1_00.sqm

and

C:\Users\Default\AppData\Local\Microsoft\Windows Live\SqmApi\SqmData720896_00.sqm

I've added the read permission for all users in these two files and retried the logon. The opening of session proceeded set up initial user and filled perfectly. Probably, this problem started when I installed Windows Live Messenger which is the only Windows Live application, I installed.

Other important in your message board was to check the event log which stressed the two files which could not copy. Otherwise provided in WARNING messages immediately preceded files event log error message indicates that the profile service could not connect.

Need help to create a new Xbox account

I deleted my Xbox Live account, a long time ago and I want to create a new. My old Xbox Live account is associated to my the Microsoft Account. But when I want to create an Xbox Live account, it says I have one using my that already have Microsoft Account. I'm sure I deleted my Xbox Live account and when I go on my Xbox Live account in the Internet, it says this, "Uh oh... that shouldn't happen." It seems that you have found a bug in the system. Please try again later. "I need help, I really want to create a new Xbox Live account using my course Microsoft Account. Thank you.

Hello

Your Question is beyond the scope of this community.

I suggest that repost you in the correct forum.

'Home'

http://forums.Xbox.com/

"Xbox forums.

http://forums.Xbox.com/xbox_forums/general_discussion/f/3817.aspx

"Xbox Forums directory.

http://www.Xbox.com/en-us/forums

See you soon.

Cannot create a new user account in Vista Home Premium

Running Windows Vista Home Premium SP1 installed, running on a LG laptop. I am set up as an administrator, but when you click through the steps to create a new Standard user account, it does not create and does not appear in the list of users.
I tried searching for this issue of TechNet, but was unable to find anything related.
Any help is appreciated

Hi B Pick,

Thanks for posting us the Forum of community of answers.microsoft.com.

Since he had been some time since your last post, we marked this as resolved. Recently I saw messages and found that you had posted about it recently. Sometimes if a thread shows solved it do not get reviewed again, so, my apologies, it took some time to answer.

A point of interest in considering the issue of "unable to create a user account having administrative rights" is can create you an account that has no administrative rights from another account and then you use that has administrative rights? Information Justin had submitted and information, I'm reviewing, it would be very beneficial for our steps in troubleshooting to have this documented as being verified.

You would present to us in the forum if this is something you are able to accomplish in a new administrative account that you create for this system?

In another order of ideas, it would be that there are suspicious software loaded on the system. Try running scan of Virus and malware removal tool.

Here are some links for the Microsoft-Authored applications for these procedures. Check if these are products that you want to use, or if you have already produced in place for this activity to use them if you wish.

You can download the Windows Malicious Software Removal Tool here:

http://www.Microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

Windows live one care. Please see the information relating to One Care. It doesn't have a trial period of 90 days.

http://OneCare.live.com/site/en-us/Center/whatsnew.htm

Enjoy you post to us.

We will work with you to try to help you find a will.

Kind regards

Debbie
Microsoft Answers Support Engineer
Visit our Microsoft answers feedback Forum and let us know what you think.

the profile user account folder can be renamed instead of create a new user account

I noticed this issue posted everywhere that none got the answer, the person posting was looking for. Basically, the question is "can the folder of the user profile account be renamed? '... I have the same problem. I sent a PC in for repair. They reloaded the operating system and created the new test user account. Rather than just create a new user account, I've renamed the test NAME user account. I couldn't help but notice later that user account folder name has remained the same "TEST". That's why you have people to ask the question "can the folder of the user profile account be renamed instead of create a new user account." It of an easy fix but does not answer the question.

It is not usually. If you have a computer, why not have just him take care of it for you instead of friction top yourself? ;-)

Try this instead if you really must do it yourself:

1. create a new administrator account. Call it 'CompAdmin' or 'Tech' or similar. You definitely want to have an administrative user account like this set up that you will use not except for emergency situations. You will use this in the elevation of privileges in your daily report - which will be a Standard account - but will not need to connect to CompAdmin after that company copy unless something goes terribly wrong. ;-)

2. create a new user account Standard for your daily work. This called something that makes you happy. I don't know your real name, so I'll call it "HDXer". Connect to HDXer to create the profile files/folders.

3. connect to CompAdmin and:

a. Control Panel > everything on the control panel > Folder Options

b. click on the view tab, click hidden files and folders, clear the Hide protected operating system files check box and then click OK. Now you can see everything.

c. using Windows Explorer ("computer"), search for the file C:\Users\Test.

d. Select all files and folders in this folder, except the following files: Ntuser.dat, Ntuser.dat.log and Ntuser.ini.

e. click on the Edit menu and then click on copy. If you don't see the Edit menu, press ALT.

f. Locate the C:\Users\HDXer folder.

g. click the Edit menu and then click on paste. If you don't see the Edit menu, press ALT.

Sign out and then sign back in as a HDXer. All your stuff should be there. You need to configure your icons and wallpaper (Control Panel > Personalize) and some preferences have been postponed, but really with the exception of the email all your data, Favorites, etc., should now be at the HDXer.

If you have messages in an e-mail program, such as Windows Live Mail, Thunderbird or Outlook, you must import your e-mail messages and addresses to the new user profile before you delete the old profile. Because I don't know what you use for email, I can't give you the details about it. If everything is working properly, you can remove the old Test profile by using the user accounts applet in Control Panel. It won't hurt anything to make you leave the trial on the system for a while, or even forever.
MS - MVP - Elephant Boy computers - don't panic!

I forgot my password for windows 7 for my laptop and a reset disk has not been created. How can I recover the password or create a new one? and I have a dell desktop inspiron one 19

I forgot my password for windows 7 for my laptop and a reset disk has not been created. How can I recover the password or create a new one? and I have a dell inspiron one 19 desktop... your help will be very appreciated thanks in advance!

Here are the usual methods to solve this problem:
- Restart the computer with your Windows repair CD, then use system restore to set Windows in a few days (only works if you have recently changed the password).
- Logging in as a different admin account and then reset the password for your existing account (works only if create you an alternative admin account).
- Log in as administrator mode without failure, then reset the password for your existing account (works only if you have activated the account administrator and know its password).
- Insert your flash drive USB with the password key file (only works if you have created such a keyfile).
- Check your paper files (works only if you threw down the password somewhere)
If none of these standard precautions work for you, then the remedy will be painful. Post again if this is the case.

How to create a new class
Hello

I am trying to create a new class called Questions, which has two properties (type and condition).
Action script is saved in the myComponents the project folder.

When I compile the application, I get the following error message:
"1172 definition myComponents:Question is not found."
Why?

How to call a constructor for a new class, which is not an extension of an existing class?

Concerning
/ Acke

//-----------Class----------//
myComponents package
{
Import all classes in the package mx.events
Mx.events import. *;

public class {Question

Public constructor.
public var {Question()}
Call the constructor of the superclass.
Super();
}
Define properties and methods.
Define the public vars.
public var type: string;
public var status: string;
}
}

//------Main----------//
<? XML version = "1.0" encoding = "utf-8"? >
"" < mx:Application xmlns:mx = ' http://www.adobe.com/2006/mxml ' layout = "absolute".
xmlns:mycomp = "myComponents.*" >

< mx:Script >
<! [CDATA]
Import mx.controls.Alert;
Import mx.events.CloseEvent;
Import myComponents.Question;
etc, etc...

Stupid me!

I have two projects, Quest and AutoQuest, and I recorded it under that bad!.

Thus, it is important now as it should.

Thank you all for your efforts.

Concerning
Acke

How to remove an admin account and create a new user profile

Hi, I have been using my 2 in 1 PC since July last year and I'd like you guys to show me the steps on How to remove an admin account and create a new user account.

Hello Nicolas,.

Thanks for posting your question on the Microsoft community.

I would like to know some information about the problem so that we can help you better.

1. you try to delete a local administrator account?
2. are you able to connect using the Microsoft account?

Thank you for your query details.

I also like the fact you want to know how to remove an administrator account and create

a new user account.

If you are able to connect on the Microsoft account, I suggest you try the following steps to remove an administrator account.

a. press Windows + X keys and click on computer management.
b. click on "local users and groups" and then click on "users".
c. right-click on the account which you want to remove, and then click 'Remove'.
d. click 'Yes', if the prompt message.

To create a new user account, please see this article:
Create a user account
http://Windows.Microsoft.com/en-us/Windows/create-user-account#create-user-account=Windows-8

See also:
User accounts: FAQ
http://Windows.Microsoft.com/en-us/Windows/user-accounts-FAQ#1TC=Windows-8

I hope this information helps.

Please let us know if you need more help.

Thank you

Create a new Local Admin account on several servers 5.5u3b ESXi - errors w / existing Script

Similar Questions

Maybe you are looking for