Managing Local User Accounts on VMware ESXi Hosts using Aria Automation Orchestrator
In my previous blog post, I provided a walkthrough of how to manage ESXi local user accounts using PowerCLI and vCenter Server. In this post, we will explore how to use VMware Aria Automation Orchestrator to manage local user accounts on VMware ESXi hosts. We will create four new actions: getUsers, createUser, updateUser, and removeUser. These actions will allow us to obtain a list of all local user accounts from a provided VMware ESXi host, create a new local user account, update an existing user account, and delete a user account.
Getting a List of Local User Accounts
Our first goal is to obtain a list of all local user accounts from a provided VMware ESXi host. To accomplish this, we create a new VMware Aria Automation Orchestrator action called getUsers. This action has one input which is of type VcHostSystem. In this example, my VcHostSystem input variable is called host.
The code for the getUsers action is as follows:
“`
// Create a new array to hold our user account objects
List
// Call the Get-User cmdlet
Get-User -Hostname $host -Name *
// Save the output to our new array
$userAccounts = $output.userAccounts
“`
This action uses the Get-User cmdlet to retrieve a list of all local user accounts on the specified ESXi host. The output is saved to the userAccounts array.
Creating a New Local User Account
Next, we will create a new local user account on the ESXi host. To do this, we create a new VMware Aria Automation Orchestrator action called createUser. This action has two inputs: one for the host and one for the username and password.
The code for the createUser action is as follows:
“`
// Create a new user account
VcUserAccount newUser = $host.Get-User -Name $username -Password $password
// Add the new user to the list of user accounts
$userAccounts.Add($newUser)
“`
This action uses the Get-User cmdlet to create a new local user account on the specified ESXi host. The new user is added to the userAccounts array.
Updating an Existing Local User Account
Next, we will update an existing local user account on the ESXi host. To do this, we create a new VMware Aria Automation Orchestrator action called updateUser. This action has two inputs: one for the host and one for the username and password.
The code for the updateUser action is as follows:
“`
// Update the existing user account
VcUserAccount updatedUser = $host.Get-User -Name $username -Password $password
// Add the updated user to the list of user accounts
$userAccounts.Add($updatedUser)
“`
This action uses the Get-User cmdlet to update an existing local user account on the specified ESXi host. The updated user is added to the userAccounts array.
Deleting a Local User Account
Finally, we will delete a local user account from the ESXi host. To do this, we create a new VMware Aria Automation Orchestrator action called removeUser. This action has one input: the id of the user account to delete.
The code for the removeUser action is as follows:
“`
// Delete the specified user account
$host.Get-User -Id $userAccountId | Remove-User -Confirm:$false
“`
This action uses the Get-User cmdlet to retrieve the specified user account and then deletes it using the Remove-User cmdlet. The Confirm parameter is set to false to avoid prompting the user for confirmation.
Conclusion
In this post, we explored how to use VMware Aria Automation Orchestrator to manage local user accounts on VMware ESXi hosts. We created four new actions: getUsers, createUser, updateUser, and removeUser. These actions allow us to obtain a list of all local user accounts from a provided VMware ESXI host, create a new local user account, update an existing user account, and delete a user account. These actions can be used in a standalone fashion or integrated into more complex workflows, such as updating the root user account password on all VMware ESXi hosts within a cluster or a VMware vCenter Server.