vSphere API Example for Testing Guest Credentials

VMware 0 Comments

pyvmomi vsphere api

While experimenting with the vSphere API using the Python pyvmomi SDK, I was wondering if there is any way to test guest credentials after I have reset a user password, so the main idea is to automate all the process of resetting the root password on a linux virtual machine.

If you haven’t read my blog post about AutoRoot, go check it now, any constructive feedback is welcome.

Remember that using the vSphere API is like using bricks! Or Lego, you construct your object and it dependent objects, you set their properties and then call their functions. Her we need to use the GuestOperationsManager managed object, which as per the documentation is available since version 5.0 of the API and allow to manipulate the guest operating authentication.
First you should get an instance of your managed object

authMgr = content.guestOperationsManager.authManager

Then construct your credentials using NamePasswordAuthentication


creds = vim.vm.guest.NamePasswordAuthentication(username='root', password='changeme')

And finally call the ValidateCredentialsInGuest method which take two parameters, a managed object reference to a virtual machine and the credentials you just specified using NamePasswordAuthentication:


res = authMgr.ValidateCredentialsInGuest(v, creds)

ValidateCredentialsInGuest will return None if the authentication was successful or an vim.fault.InvalidGuestLogin in case the credentials specified are incorrect.

Here is a sample snippet that you can use in your Python code, I have omitted the connection stuff as this is basically the same for my other scripts, you can have a look à my github repo here.

#connection and acquiring your si goes here..

                authMgr = content.guestOperationsManager.authManager
                creds = vim.vm.guest.NamePasswordAuthentication(username='root', password='changeme')
                print("[*] Validating password reset")

                try:
                    res = authMgr.ValidateCredentialsInGuest(v, creds)
                    if res is None:
                        print("Your login and password are correct")
                except vim.fault.InvalidGuestLogin:
                    print("[-] The specified credentials are incorrect :(")

Be Sociable, Share your Knowledge

1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 4.67 out of 5)
Loading...

Leave a Reply

Your email address will not be published. Required fields are marked *