You can utilize an additional module besides PowerCLI that will help you with this: https://github.com/vmware/PowerCLI-Example-Scripts

So first:

git clone https://github.com/vmware/PowerCLI-Example-Scripts.git

Then enter the directory and import the module for SSO:
C:\Users\Greg-Admin\PowerCLI-Example-Scripts\Modules\VMware.vSphere.SsoAdmin> Import-Module .\VMware.vSphere.SsoAdmin.psd1
When you have it loaded, you can now connect to SSO:
Connect-SsoAdminServer -Server vc005.greg.labs -User '[email protected]' -Password 'VMware1!'

Name        : vc005.greg.labs
ServiceUri  : https://vc005.greg.labs/sso-adminserver/sdk/vsphere.local
User        : [email protected]
Id          : /SsoAdminServer=vsphere.local/[email protected]
IsConnected : True
Client      : VMware.vSphere.SsoAdminClient.SsoAdminClient
RefCount    : 1
Once connected, you can create the user for your SSO domain. In my example I use vsphere.local:
New-SsoPersonUser -UserName 'greg12' -Password '1!SecretPassword!1' -FirstName 'Greg' -LastName 'Gregzon' | Set-SsoPersonUser -Group (Get-SsoGroup -Domain 'vsphere.local' -Name Administrators) -Add

Name                            : greg12
Domain                          : vsphere.local
Description                     :
FirstName                       : Greg
LastName                        : Gregzon
EmailAddress                    :
Locked                          : False
Disabled                        : False
PasswordExpirationRemainingDays : 90
Which creates the user and adds the user into the Administrators group in the vsphere.local domain.

If you want to solve this using SSH, you can do it by utilizing the dir-cli command in the vCenter appliance:
ssh [email protected] /usr/lib/vmware-vmafd/bin/dir-cli user create --account greg7 --first-name Grzegorz --last-name gregzon --user-password '1!SuperSecret1!' --password 'VMware1!'
Assuming you have your public key added in root's .ssh/authorized_keys, it should not prompt for a password.
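
An added example, not part of the original answer: the same user creation with the cmdlets shown above, but prompting for both passwords instead of typing them as literals, so they do not end up in shell history or transcripts. It assumes the VMware.vSphere.SsoAdmin module is already imported and reuses the answer's sample server, user and group names; the helper `ConvertTo-PlainText` is a hypothetical name introduced here.

```powershell
# Added example: same cmdlets as the answer, no password literals on the command line.
# Assumes VMware.vSphere.SsoAdmin is already imported (see Import-Module above).
# Server, domain, user and group names are the answer's sample values.

function ConvertTo-PlainText {
    # Hypothetical helper: the answer passes -Password as a plain string,
    # so the SecureString collected at the prompt is converted at the point of use.
    param([Parameter(Mandatory)][securestring]$Secure)
    [System.Net.NetworkCredential]::new('', $Secure).Password
}

$server = 'vc005.greg.labs'
$domain = 'vsphere.local'

# Prompt for the SSO administrator account and password.
$admin = Get-Credential -Message "SSO administrator for $server"

# Prompt twice for the new user's initial password and compare before use.
$first  = Read-Host -AsSecureString -Prompt 'Initial password for greg12'
$second = Read-Host -AsSecureString -Prompt 'Repeat password'
if ((ConvertTo-PlainText $first) -cne (ConvertTo-PlainText $second)) {
    throw 'Passwords do not match.'
}

Connect-SsoAdminServer -Server $server -User $admin.UserName `
    -Password $admin.GetNetworkCredential().Password | Out-Null

# Resolve the group first so a typo fails before the user is created.
$group = Get-SsoGroup -Domain $domain -Name 'Administrators'
if (-not $group) { throw "Group 'Administrators' not found in $domain." }

New-SsoPersonUser -UserName 'greg12' -Password (ConvertTo-PlainText $first) `
    -FirstName 'Greg' -LastName 'Gregzon' |
    Set-SsoPersonUser -Group $group -Add
```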