Add Local Administrator Account on ESXi via PowerCLI
The is some reason to have local user on ESXi servers even when there is vCenter server for management such as vCenter is inaccessible.
You can use root user for doing operations on ESXi directly but some times, you have to ask someone to do the operations and then you will not have any tacking and all operation will be done by root user.
So create user for trusted colleagues will help you to manage ESXi and track each user about what has he done.
User creation is too easy, you can create users via vSphere Client (C# Client or Web Client) or by run some scripts.
PowerCLI is automation tools for VMware products and you can use it for create more than one users by run few lines of script.
You can use the below script for create users and assign proper roles to them but you must change something in the below script and customize it to use:
#Connect to ESXi hosts via root account
$VMHosts="ESXi1 IP/DNS Name","ESXi2 IP/DNS Name",....,"ESXiN IP/DNS Name"
Foreach ($VMHost In $VMHosts)
Connect-VIServer -Protocol https -Server $VMHost -User root -Password QWERTY
Foreach ($Account In $Accounts)
#Create User with Shell Access
Write-Host "Create User For $Account"
New-VMHostAccount -Id $Account -Password "Same Password For All Users" -GrantShellAccess
#Assign Administrator Premission
$RootFolder = Get-Folder -Name ha-folder-root
New-VIPermission -Entity $RootFolder -Principal $Account -Role Admin
Disconnect-VIServer $VMHOst -Confirm:$false
The above script will create users with Administrator role and each user be able to manage all object under root folder.
Also you can create group for different users and assign the role to the group instead of each user that I’ll publish it in next posts.