'community.vmware.vmware_guest module' does not set password

Hi

I want to use the community.vmware.vmware_guest module to set the ‘administrator’ password of a deployed Windows VM.

My environment:

SLES 15 SP5 Docker image

python version = 3.11.3

Ansible Community Package 8.1.0, which includes:

ansible [core 2.15.1]

community.vmware 3.7.0

Here’s my coding of the module:

• name: “Set new administrator account password, then power on the VM”

community.vmware.vmware_guest:

hostname: “{{ management_vcenter_ip }}”

username: “{{ management_vcenter_user }}”

password: “{{ management_vcenter_password }}”

name: “{{ vm_name }}”

state: poweredon

validate_certs: False

wait_for_customization: true

customization:

password: “{{ vm_password }}”

delegate_to: localhost

I know that the module is somewhat working correctly, in that the Windows VM is powered on when this code is executed. But the ‘administrator’ password is not being changed/set.

Here is the execution output:

TASK [deploy-windowssql : Set new administrator account password, then power on the VM] *****************************************************************************************************

task path: /root/ecdm-ansible/ansible/roles/deploy-windowssql/tasks/main.yml:37

ESTABLISH LOCAL CONNECTION FOR USER: root

EXEC /bin/sh -c ‘echo ~root && sleep 0’

EXEC /bin/sh -c ‘( umask 77 && mkdir -p “echo /root/.ansible/tmp”&& mkdir “echo /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521” && echo ansible-tmp-1689179340.0749025-2228-173707777433521=“echo /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521” ) && sleep 0’

Using module file /root/.local/lib/python3.11/site-packages/ansible_collections/community/vmware/plugins/modules/vmware_guest.py

PUT /root/.ansible/tmp/ansible-local-2050puzm93uc/tmp8zsqyt_a TO /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521/AnsiballZ_vmware_guest.py

EXEC /bin/sh -c ‘chmod u+x /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521/ /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521/AnsiballZ_vmware_guest.py && sleep 0’

EXEC /bin/sh -c ‘/usr/bin/python /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521/AnsiballZ_vmware_guest.py && sleep 0’

EXEC /bin/sh -c ‘rm -f -r /root/.ansible/tmp/ansible-tmp-1689179340.0749025-2228-173707777433521/ > /dev/null 2>&1 && sleep 0’

changed: [ldpdd192.xxx.xxx → localhost] => {

“changed”: true,

“instance”: {

“advanced_settings”: {

“disk.EnableUUID”: “TRUE”,

“ethernet0.pciSlotNumber”: “192”,

“guestInfo.detailed.data”: “architecture=‘X86’ bitness=‘64’ buildNumber=‘20348’ distroVersion=‘Windows’ distroAddlVersion=‘10.0’ familyName=‘Windows’ kernelVersion=‘20348.1726’ prettyName=‘Windows Server 2022, 64-bit (Build 20348.1726)’”,

“guestinfo.ovfEnv”: “”,

“hpet0.present”: “TRUE”,

“migrate.hostLog”: “ldpdd192-4a20f22e.hlog”,

“migrate.hostLogState”: “none”,

“migrate.migrationId”: “5923936046434283652”,

“monitor.phys_bits_used”: “43”,

“numa.autosize.cookie”: “40001”,

“numa.autosize.vcpu.maxPerVirtualNode”: “4”,

“nvram”: “ldpdd192.nvram”,

“pciBridge0.pciSlotNumber”: “17”,

“pciBridge0.present”: “TRUE”,

“pciBridge4.functions”: “8”,

“pciBridge4.pciSlotNumber”: “21”,

“pciBridge4.present”: “TRUE”,

“pciBridge4.virtualDev”: “pcieRootPort”,

“pciBridge5.functions”: “8”,

“pciBridge5.pciSlotNumber”: “22”,

“pciBridge5.present”: “TRUE”,

“pciBridge5.virtualDev”: “pcieRootPort”,

“pciBridge6.functions”: “8”,

“pciBridge6.pciSlotNumber”: “23”,

“pciBridge6.present”: “TRUE”,

“pciBridge6.virtualDev”: “pcieRootPort”,

“pciBridge7.functions”: “8”,

“pciBridge7.pciSlotNumber”: “24”,

“pciBridge7.present”: “TRUE”,

“pciBridge7.virtualDev”: “pcieRootPort”,

“sched.swap.derivedName”: “/vmfs/volumes/5ea09c34-9c2c5469-e8f8-1866dafabeba/ldpdd192/ldpdd192-cc9a4b50.vswp”,

“scsi0.pciSlotNumber”: “160”,

“scsi0.sasWWID”: “50 05 05 62 de e1 b9 20”,

“scsi0:0.redo”: “”,

“scsi1.pciSlotNumber”: “224”,

“scsi1.sasWWID”: “50 05 05 62 de e1 b8 20”,

“softPowerOff”: “FALSE”,

“svga.guestBackedPrimaryAware”: “TRUE”,

“svga.present”: “TRUE”,

“viv.moid”: “8764ba7d-9522-4857-825a-47e74fc5fc94:vm-19798:HeJ1jJrEyPdgB+iQU1Un7tqEDwpEUgYLRmMVZdar5TE=”,

“vm.genid”: “6628295188012277178”,

“vm.genidX”: “-8723771621121363354”,

“vmotion.checkpointFBSize”: “4194304”,

“vmotion.checkpointSVGAPrimarySize”: “4194304”,

“vmware.tools.internalversion”: “12352”,

“vmware.tools.requiredversion”: “12320”

},

“annotation”: “xxx”,

“current_snapshot”: null,

“customvalues”: {},

“guest_consolidation_needed”: false,

“guest_question”: null,

“guest_tools_status”: “guestToolsNotRunning”,

“guest_tools_version”: “12352”,

“hw_cluster”: “DpcCluster”,

“hw_cores_per_socket”: 1,

“hw_datastores”: [

“dpc_ride_6”

],

“hw_esxi_host”: “ldpdc023.xxx.xxx”,

“hw_eth0”: {

“addresstype”: “assigned”,

“ipaddresses”: null,

“label”: “Network adapter 1”,

“macaddress”: “00:50:56:87:7d:7b”,

“macaddress_dash”: “00-50-56-87-7d-7b”,

“portgroup_key”: “dvportgroup-1087”,

“portgroup_portkey”: “49”,

“summary”: “DVSwitch: 50 07 d6 62 2a 0e d8 f5-0e d0 df 88 ea d0 31 ce”

},

“hw_files”: [

“[dpc_ride_6] ldpdd192/ldpdd192.vmx”,

“[dpc_ride_6] ldpdd192/ldpdd192.vmxf”,

“[dpc_ride_6] ldpdd192/ldpdd192.nvram”,

“[dpc_ride_6] ldpdd192/ldpdd192.vmsd”,

“[dpc_ride_6] ldpdd192/vmware-3.log”,

“[dpc_ride_6] ldpdd192/vmware-2.log”,

“[dpc_ride_6] ldpdd192/vmware-1.log”,

“[dpc_ride_6] ldpdd192/vmware.log”,

“[dpc_ride_6] ldpdd192/vmware-4.log”,

“[dpc_ride_6] ldpdd192/ldpdd192.vmdk”

],

“hw_folder”: “/xxx/vm”,

“hw_guest_full_name”: null,

“hw_guest_ha_state”: false,

“hw_guest_id”: null,

“hw_interfaces”: [

“eth0”

],

“hw_is_template”: false,

“hw_memtotal_mb”: 6144,

“hw_name”: “ldpdd192”,

“hw_power_status”: “poweredOn”,

“hw_processor_count”: 4,

“hw_product_uuid”: “42070532-dee1-b925-e5c2-5be4873fefda”,

“hw_version”: “vmx-13”,

“instance_uuid”: “5007de96-fe50-cd63-bcf6-4fc3f5ea7494”,

“ipv4”: null,

“ipv6”: null,

“module_hw”: true,

“moid”: “vm-19798”,

“snapshots”: ,

“tpm_info”: {

“provider_id”: null,

“tpm_present”: false

},

“vimref”: “vim.VirtualMachine:vm-19798”,

“vnc”: {}

},

“invocation”: {

“module_args”: {

“advanced_settings”: ,

“annotation”: null,

“cdrom”: ,

“cluster”: null,

“convert”: null,

“customization”: {

“autologon”: null,

“autologoncount”: null,

“dns_servers”: null,

“dns_suffix”: null,

“domain”: null,

“domainadmin”: null,

“domainadminpassword”: null,

“existing_vm”: null,

“fullname”: null,

“hostname”: null,

“hwclockUTC”: null,

“joindomain”: null,

“joinworkgroup”: null,

“orgname”: null,

“password”: “VALUE_SPECIFIED_IN_NO_LOG_PARAMETER”,

“productid”: null,

“runonce”: null,

“script_text”: null,

“timezone”: null

},

“customization_spec”: null,

“customvalues”: ,

“datacenter”: “ha-datacenter”,

“datastore”: null,

“delete_from_inventory”: false,

“disk”: ,

“esxi_hostname”: null,

“folder”: null,

“force”: false,

“guest_id”: null,

“hardware”: {

“boot_firmware”: null,

“cpu_limit”: null,

“cpu_reservation”: null,

“cpu_shares”: null,

“cpu_shares_level”: null,

“hotadd_cpu”: null,

“hotadd_memory”: null,

“hotremove_cpu”: null,

“iommu”: null,

“max_connections”: null,

“mem_limit”: null,

“mem_reservation”: null,

“mem_shares”: null,

“mem_shares_level”: null,

“memory_mb”: null,

“memory_reservation_lock”: null,

“nested_virt”: null,

“num_cpu_cores_per_socket”: null,

“num_cpus”: null,

“scsi”: null,

“secure_boot”: null,

“version”: null,

“virt_based_security”: null,

“vpmc_enabled”: null

},

“hostname”: “ldpdc211.xxx.xxx”,

“is_template”: false,

“linked_clone”: false,

“name”: “ldpdd192”,

“name_match”: “first”,

“networks”: ,

“nvdimm”: {

“label”: null,

“size_mb”: 1024,

“state”: null

},

“password”: “VALUE_SPECIFIED_IN_NO_LOG_PARAMETER”,

“port”: 443,

“proxy_host”: null,

“proxy_port”: null,

“resource_pool”: null,

“snapshot_src”: null,

“state”: “poweredon”,

“state_change_timeout”: 0,

“template”: null,

“use_instance_uuid”: false,

“username”: administrator@vsphere.local,

“uuid”: null,

“validate_certs”: false,

“vapp_properties”: ,

“wait_for_customization”: true,

“wait_for_customization_timeout”: 3600,

“wait_for_ip_address”: false,

“wait_for_ip_address_timeout”: 300

}

}

}

I looked in https://github.com/ansible-collections/community.vmware/issues?page=3&q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc+vmware_guest, and didn’t see this issue.

Thoughts, please.

Thanks

tl

The module you’re using, community.vmware.vmware_guest, is not designed to directly change the password of an existing guest VM. Instead, it’s intended for tasks like deploying and managing virtual machines. Changing the password of an existing guest VM requires interacting with the guest OS, which is outside the scope of the vmware_guest module.

Hi Atul

Thank you for this guidance. A colleague found that it’s possible to set the password of a Windows system’s ‘administrator’ account where the account is set for change-on-first-logon by taking advantage of the ‘customization’ facility in ‘vmware_guest’:

• name: “Set a new administrator account password and power on the VM”
  community.vmware.vmware_guest:
  hostname: “{{ management_vcenter_ip }}”
  username: “{{ management_vcenter_user }}”
  password: “{{ management_vcenter_password }}”
  datacenter: “{{ datacenter }}”
  cluster: “{{ cluster }}”
  name: “{{ vm_name }}”
  state: present
  networks:
• name: “{{ vm_network }}”
  validate_certs: False
  wait_for_customization: true
  wait_for_ip_address: true
  customization:
  password: “{{ vm_password }}”
  existing_vm: True
  delegate_to: localhost

For setting the password of the ‘root’ account on a Linux system where the password was set for change-on-first-login, this logic worked:

• name: “Set root password”
  delegate_to: localhost
  ansible.builtin.expect:
  echo: true
  command: “ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@{{ vm_ip }} echo ‘Success’”
  responses:
  "Password: ": “{{ vm_original_password }}”
  "Current password: ": “{{ vm_original_password }}”
  "New password: ": “{{ vm_password }}”
  "Retype new password: ": “{{ vm_password }}”