Create user on hosts

Simply copy and paste into notepad++ or equiv and save as createlocalshelluser.ps1

### There is a downside to this script, it does not create a permisson for you on the local host. As in you will not have admin permission so will not be able to interact with vmware as such. You will be able to login to shell and then sudo but that is about as far as you will be able to get.###

You may have to sign the script prior to running depending on your domain GPO settings.

ESXi Code:
#Vcenter name, can be FQDN
$vsphere = "Whackdiddy"
#User to create
$new_user = "Username"
#Password for new user
$new_user_passwd = "MyP@ssw0rd"
#Group to add user too
$new_user_grp = "root"

#local host username with rights to create local users
$root_user = "root"
#Password for local host user with rights to create local users
$root_passwd = "whackdiddy"

# Get all of the ESX servers (connect using Windows credentials)
connect-viserver $vsphere
$hosts = Get-View -ViewType HostSystem
disconnect-viserver -confirm:$false

# For each ESX server, connect and see if the new account exists.
# If it does, reset the password and ensure the account is granted shell access.
# If it doesn't, create it and add to the root group (this seems to be necessary to allow ssh login in ESX4.0)
$hosts | %{ $_.name } | %{
  echo $_
  connect-viserver -server $_ -user $root_user -password $root_passwd
  if ($?) {
    if (! (get-vmhostaccount | ?{ $_.id -eq $new_user })) {
      new-vmhostaccount -useraccount -id $new_user -password $new_user_passwd -grantshellaccess
   set-vmhostaccount -groupaccount $new_user_grp  -assignusers $new_user
    }
 else {
   set-vmhostaccount -useraccount $new_user -password $new_user_passwd -grantshellaccess $true
   }

 disconnect-viserver -confirm:$false "*"
  }
}
ESX Code:
#Vcenter name, can be FQDN
$vsphere = "Whackdiddy"
#User to create
$new_user = "Username"
#Password for new user
$new_user_passwd = "MyP@ssw0rd"
#Group to add user too
$new_user_grp = "esxadmin"

#local host username with rights to create local users
$root_user = "root"
#Password for local host user with rights to create local users
$root_passwd = "whackdiddy"

# Get all of the ESX servers (connect using Windows credentials)
connect-viserver $vsphere
$hosts = Get-View -ViewType HostSystem
disconnect-viserver -confirm:$false

# For each ESX server, connect and see if the new account exists.
# If it does, reset the password and ensure the account is granted shell access.
# If it doesn't, create it and add to the root group (this seems to be necessary to allow ssh login in ESX4.0)
$hosts | %{ $_.name } | %{
  echo $_
  connect-viserver -server $_ -user $root_user -password $root_passwd
  if ($?) {
    if (! (get-vmhostaccount | ?{ $_.id -eq $new_user })) {
      new-vmhostaccount -useraccount -id $new_user -password $new_user_passwd -grantshellaccess
	  set-vmhostaccount -groupaccount $new_user_grp  -assignusers $new_user
    }
	else {
	  set-vmhostaccount -useraccount $new_user -password $new_user_passwd -grantshellaccess $true
	  }

	disconnect-viserver -confirm:$false "*"
  }
}

taken from jbarbers site.

https://gist.github.com/715238

Advertisements