Create local accounts for VMware ESXi via vMA

The ‘vicfg-user‘ command has been available as of vSphere 6.0 vMA. I hadn’t seen this before and I’m too lazy to download an old vMA to check as to when this showed up.

So I have copied an older post and updated things for using the SDK in the vMA (which can also be used on other systems) instead of PowerCLI.

Sometimes it is worth while having another account on the compute host; whether it is for monitoring or another external process that needs to authenticate.

Over the past few years I have used this so that the root account wasn’t exposed to the monitoring application itself.

I am a huge fan of LogicMonitor as I haven’t found anything nearly as nice to get up and running quickly while giving me more data points than I would ever need.


Caveat: You will still need to log into each host directly (again, the root account) and give permission to login as vSphere 5.1 and above (which includes 6.0 and 6.5) no longer uses groups to give access and there isn’t an option in the PowerCLI cmdlets or the SDK, like in vMA, to do this.

Text file example:

192.168.32.107
192.168.32.108
192.168.42.109
192.168.42.136

And the short script:

#!/bin/sh
# create a user
for i in <code>cat input.txt</code> ; do
  vicfg-user --server${i} -e user -o add -l logicmonitor -s no -r read-only -p f4k3-p4s5w0rd
done

and there you have it!